Systems, methods, and devices for digital advertising ecosystems implementing content delivery networks utilizing edge computing

ABSTRACT

Disclosed herein are systems and techniques for using a content delivery network to perform various functions within a digital advertising ecosystem, in ways that yield technological benefits such as improved security, efficiency, and speed (for example, reduction in publisher load times). As one specific example, a content delivery network can be used for the creation of electronic tokens for user identity protection between demand side platforms, supply side platforms, content creators (for example, advertisers), and publishers.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a continuation of U.S. patent application Ser. No.17/028,659, filed Sep. 22, 2020, and titled “SYSTEMS, METHODS, ANDDEVICES FOR DIGITAL ADVERTISING ECOSYSTEMS IMPLEMENTING CONTENT DELIVERYNETWORKS UTILIZING EDGE COMPUTING,” which claims the benefit of U.S.Provisional Patent Application No. 62/904,471, filed Sep. 23, 2019, andtitled “SYSTEMS, METHODS, AND DEVICES FOR DIGITAL ADVERTISING ECOSYSTEMSIMPLEMENTING CONTENT DELIVERY NETWORKS UTILIZING EDGE COMPUTING,” whichare hereby incorporated by reference in their entireties.

TECHNICAL FIELD

The present disclosure relates to systems and methods for using acontent delivery network to perform various functions within a digitaladvertising ecosystem, in ways that yield technological benefits such asimproved security, efficiency, and speed (for example, reduction inpublisher load times). As one example, in some embodiments describedherein, a content delivery network can be used for the creation ofelectronic tokens for user identity protection between demand sideplatforms, supply side platforms, content creators (for example,advertisers), and publishers.

BACKGROUND

Online publishers typically provide or allocate portions of their webpages for advertising purposes. These areas are sometimes referred to asimpression opportunities. Some of the impression opportunities areavailable for advertising products, services, or businesses not directlyprovided by or related to the online publishers, and these impressionopportunities can be sold to advertisers for a price within the digitaladvertising ecosystem—either directly to advertisers, throughadvertising networks, or through advertising exchanges (for example, adexchanges).

Ad exchanges serve as online marketplaces where publishers, advertisers,agencies, and ad networks (for example, demand-side platforms andsupply-side platforms) can buy and sell their ad inventory. Ad exchangesprovide a platform for buying and selling advertising impressions byconsolidating and managing impression opportunities across a pluralityof publishers, and ad exchanges can use real-time bidding to allowadvertising impression opportunities to be sold on animpression-by-impression basis. This enables advertisers to create veryhighly targeted campaigns to pick and choose from available impressionopportunities, which are auctioned off to the highest bidder. In otherwords, ad exchanges allow advertisers to bid against each other todisplay their advertisement to individual consumers that are most likelyto be interested in it. The real-time bidding for selecting theadvertisement to display to a user accessing the publisher's content andthe delivery of the advertisement to the user can all occur within afraction of a second.

However, opportunities may exist to improve the functioning of digitaladvertising ecosystems through the use of content delivery networks,which are typically a system of distributed servers (for example, anetwork) that deliver pages and other web content to a user device,based on the geographic locations of the user, the origin of the contentand the content delivery server. Such implementations of contentdelivery networks within the digital advertising ecosystem and theirassociated technological benefits are contemplated herein.

SUMMARY

Disclosed herein are systems and techniques for implementing a contentdelivery network to perform various functions within a digitaladvertising ecosystem, in ways that yield technological benefits such asimproved security, efficiency, and speed (for example, reduction inpublisher load times).

For example, in a configuration of content delivery networks may becapable of edge computing, allowing them to perform functions beyond thesimple delivery of web content. Depending on the implementation of thecontent delivery network, the content delivery network can be used in tohost, synchronize, or delimit data among the entities of the digitaladvertising ecosystem, it can perform certain functions on behalf of theentities in the digital advertising ecosystem, and/or it can evenreplace certain entities entirely.

As an example, a content delivery network can be used for the creationof electronic tokens for user identity protection between demand sideplatforms, supply side platforms, content creators (for example,advertisers), and/or publishers. This can prevent certain entities (forexample, demand side platforms) from being able to determine the uniqueuser identity associated with a particular impression opportunity thatis being offered through the digital advertising ecosystem.

Various embodiments of the present disclosure provide improvements tovarious technologies and technological fields. For example, as will bedescribed herein, existing processes for real-time bidding on impressionopportunities within the digital advertising ecosystem can be limited invarious ways (some examples include: personally-identifying user data isgrowing in difficulty to match to pseudonymous data as third-partycookies continue to deprecate and third-party cookies will eventually nolonger support the re-identification and targeting of user data,maximizing publisher revenue may require technical implementations thatare burdensome on user devices, and so forth). The various embodimentsof the disclosure provide significant improvements over such technology.Additionally, various embodiments of the present disclosure areinextricably tied to computer technology. In particular, variousembodiments rely on content delivery networks, particularly contentdelivery networks capable of performing edge computing (for example, adistributed computing paradigm which brings computation and data storagecloser to the location where it is needed, to reduce latency, improveresponse times and save bandwidth). Such features and others (forexample, the distributed processing and analysis of large amounts ofelectronic data at the edge of the Internet) are intimately tied to, andenabled by, computer technology, and would not exist except for computertechnology. For example, the real-time bidding described below inreference to various embodiments cannot reasonably be performed byhumans alone, without the computer technology upon which they areimplemented. Further, the implementation of the various embodiments ofthe present disclosure via computer technology enables many of theadvantages described herein, including more efficient interaction with,and presentation of, various types of electronic data.

Furthermore, various embodiments of the present disclosure preventuser-based data leakage. Examples of such user-based data leakageinclude cookie-mapping, or the scenario of the DSP receiving a hashedemail (e.g., instead of a token), storing the hashed email, andre-uploading the hashed email to an identity service provider forre-identification. For example, if a publisher included a hashed emailin their bid requests, the DSP (or any entity in the receiving chain ofbidding events) could then generate a hashed email audience of usersaccessing the publisher's resource. There is no cookie-mapping happeningat all, but still a major risk of data leakage.

In various embodiments, a computing system is contemplated for a contentdelivery network, enabling identity escrow and/or preventing user-baseddata leakage (such as cookie-mapping). The computing system may includea computer readable storage medium having program instructions embodiedtherewith and one or more processors configured to execute the programinstructions to cause the computer system to perform the processes of:initiating delivery of content to a computing system of a user inresponse to a request for the content by the computing system of theuser; storing a first deterministic identifier associated with the user,wherein the first deterministic identifier comprises a first lexicaltoken associated with at least one type of identifying data for theuser; storing user-specific preference information associated with theuser based on the first deterministic identifier associated with theuser; receiving, from a publisher, a second deterministic identifier,wherein the second deterministic identifier comprises a second lexicaltoken, wherein the publisher does not have access to the firstdeterministic identifier or the at least one type of identifying datafor the user or the user-specific preference information; determining ifthe second deterministic identifier is associated with the userassociated with the first deterministic identifier; retrieving thestored user-specific preference information associated with the userbased on a determination that the second deterministic identifier andthe first deterministic identifier are both associated with the user;generating an encrypted token for identity escrow based on the retrieveduser-specific preference information associated with the user, whereinthe generated encrypted token does not comprise any personallyidentifiable information for the user; transmitting the encrypted tokento the publisher for submission alongside a bid request to a demand-sideplatform for real-time bidding, thereby providing the retrieveduser-specific preference information associated with the user to thedemand-side platform without revealing personally identifiableinformation for the user to the demand-side platform, thereby preventingcookie-mapping (or any other user-based data leakage) on a browser of auser device; and delivering to the computing system of the user thecontent and an ad impression, wherein the ad impression won thereal-time bidding without access to personally identifiable informationfor the user and without cookie-mapping.

In some embodiments, the real-time bidding is processed outside of aheader of the browser of the user device. In some embodiments, thereal-time bidding is processed within a header of the browser of theuser device. In some embodiments, the computing system is a proxy serverof the content delivery network. In some embodiments, the user-specificpreference information comprises market segment membership informationassociated with the user. In some embodiments, the user-specificpreference information comprises purchasing preferences associated withthe user. In some embodiments, the first deterministic identifier is anemail address for the user. In some embodiments, the seconddeterministic identifier received from the publisher is associated withan impression opportunity offered by the publisher. In some embodiments,the program instructions, when executed, further cause the system toperform the step of transmitting the encrypted token to a supply-sideplatform. In some embodiments, the program instructions, when executed,further cause the system to perform the steps of: receiving, from ademand-side platform, a request for the user-specific preferenceinformation associated with the user that is included in the encryptedtoken; and providing the demand-side platform the user-specificpreference information associated with the user by decrypting theencrypted token. In some embodiments, the program instructions, whenexecuted, further cause the system to perform the steps of: receiving,from a demand-side platform, a request for the user-specific preferenceinformation associated with the user that is included in the encryptedtoken; and providing the demand-side platform the stored user-specificpreference information associated with the user. In some embodiments,the second deterministic identifier is associated with the user andidentical to the first deterministic identifier.

In various embodiments, a computer-implemented method for enablingidentity escrow and preventing user-based data leakage (such ascookie-mapping) is contemplated. The method may include the steps of:initiating delivery of content to a computing system of a user inresponse to a request for the content by the computing system of theuser; storing a first deterministic identifier associated with the user,wherein the first deterministic identifier comprises a first lexicaltoken associated with at least one type of identifying data for theuser; storing user-specific preference information associated with theuser based on the first deterministic identifier associated with theuser; receiving, from a publisher, a second deterministic identifier,wherein the second deterministic identifier comprises a second lexicaltoken, wherein the publisher does not have access to the firstdeterministic identifier or the at least one type of identifying datafor the user or the user-specific preference information; determining ifthe second deterministic identifier is associated with the userassociated with the first deterministic identifier; retrieving thestored user-specific preference information associated with the userbased on a determination that the second deterministic identifier andthe first deterministic identifier are both associated with the user;generating an encrypted token based on the retrieved user-specificpreference information associated with the user, wherein the generatedencrypted token does not comprise any personally identifiableinformation for the user; transmitting the encrypted token to thepublisher for submission alongside a bid request to a demand-sideplatform for real-time bidding, thereby providing the retrieveduser-specific preference information associated with the user to thedemand-side platform without revealing personally identifiableinformation for the user to the demand-side platform, thereby preventingcookie-mapping (or any other user-based data leakage) on a browser of auser device; and delivering to the computing system of the user thecontent and an ad impression, wherein the ad impression won thereal-time bidding without access to personally identifiable informationfor the user and without cookie-mapping.

In some embodiments, the real-time bidding is processed outside of aheader of the browser of the user device. In some embodiments, theuser-specific preference information comprises market segment membershipinformation associated with the user. In some embodiments, theuser-specific preference information comprises purchasing preferencesassociated with the user. In some embodiments, the first deterministicidentifier is an email address for the user.

In various embodiments, non-transitory computer readable storage mediais contemplated. The non-transitory computer readable storage mediastores instructions that, when executed by one or more processors, causethe one or more processors to enable identity escrow and preventuser-based data leakage (such as cookie-mapping) by performing the stepsof: initiating delivery of content to a computing system of a user inresponse to a request for the content by the computing system of theuser; storing a first deterministic identifier associated with the user,wherein the first deterministic identifier comprises a first lexicaltoken associated with at least one type of identifying data for theuser; storing user-specific preference information associated with theuser based on the first deterministic identifier associated with theuser; receiving, from a publisher, a second deterministic identifier,wherein the second deterministic identifier comprises a second lexicaltoken, wherein the publisher does not have access to the firstdeterministic identifier or the at least one type of identifying datafor the user or the user-specific preference information; determining ifthe second deterministic identifier is associated with the userassociated with the first deterministic identifier; retrieving thestored user-specific preference information associated with the userbased on a determination that the second deterministic identifier andthe first deterministic identifier are both associated with the user;generating an encrypted token based on the retrieved user-specificpreference information associated with the user, wherein the generatedencrypted token does not comprise any personally identifiableinformation for the user; transmitting the encrypted token to thepublisher for submission alongside a bid request to a demand-sideplatform for real-time bidding, thereby providing the retrieveduser-specific preference information associated with the user to thedemand-side platform without revealing personally identifiableinformation for the user to the demand-side platform, thereby preventingcookie-mapping (or any other user-based data leakage) on a browser of auser device; and delivering to the computing system of the user thecontent and an ad impression, wherein the ad impression won thereal-time bidding without access to personally identifiable informationfor the user and without cookie-mapping.

In some embodiments, the real-time bidding is processed outside of aheader of the browser of the user device. In some embodiments, theuser-specific preference information comprises market segment membershipinformation associated with the user.

Additional embodiments of the disclosure are described below inreference to the appended claims, which may serve as an additionalsummary of the disclosure.

In various embodiments, systems and/or computer systems are disclosedthat comprise a computer readable storage medium having programinstructions embodied therewith, and one or more processors configuredto execute the program instructions to cause the one or more processorsto perform operations comprising one or more aspects of the above-and/or below-described embodiments (including one or more aspects of theappended claims).

In various embodiments, computer-implemented methods are disclosed inwhich, by one or more processors executing program instructions, one ormore aspects of the above- and/or below-described embodiments (includingone or more aspects of the appended claims) are implemented and/orperformed.

In various embodiments, computer program products comprising a computerreadable storage medium are disclosed, wherein the computer readablestorage medium has program instructions embodied therewith, the programinstructions executable by one or more processors to cause the one ormore processors to perform operations comprising one or more aspects ofthe above- and/or below-described embodiments (including one or moreaspects of the appended claims).

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1A is a block diagram illustrating an example system, according tosome embodiments of the present disclosure.

FIG. 1B is a block diagram illustrating an example system, according tosome embodiments of the present disclosure.

FIG. 2 is a data flow diagram illustrating an example process for usinga CDN to protect user identities within a digital advertising ecosystem,according to some embodiments of the present disclosure.

FIG. 3 is a data flow diagram illustrating an example process for usinga CDN for conducting header bidding within a digital advertisementecosystem, in accordance with some embodiments of the presentdisclosure.

FIG. 4 is a data flow diagram illustrating an example process for usinga CDN to host syncs (for example, user mappings) for participants withina digital advertising ecosystem, in accordance with some embodiments ofthe present disclosure.

FIG. 5 is a data flow diagram illustrating an example process for usinga CDN to distribute forwarded bids within a digital advertisingecosystem, in accordance with some embodiments of the presentdisclosure.

FIG. 6 illustrates a computer system with which certain methodsdiscussed herein may be implemented, in accordance with some embodimentsof the present disclosure.

FIG. 7 is a schematic diagram illustrating a content delivery networkaccording to some embodiments.

FIG. 8 illustrates a computer system with which certain methodsdiscussed herein may be implemented.

FIG. 9A is a block diagram illustrating an example workflow betweenparticipants of a digital advertising ecosystem, according to someembodiments of the present disclosure.

FIG. 9B is a block diagram illustrating an example workflow betweenparticipants of a digital advertising ecosystem, according to someembodiments of the present disclosure.

FIG. 10A is a block diagram illustrating an example workflow betweenparticipants of a digital advertising ecosystem, according to someembodiments of the present disclosure.

FIG. 10B is a block diagram illustrating an example workflow betweenparticipants of a digital advertising ecosystem, according to someembodiments of the present disclosure.

DETAILED DESCRIPTION

Overview

A typical digital advertising ecosystem may include users, publishers(for example, content creators), advertisers, agencies, ad networks (forexample, demand-side platforms and supply-side platforms), and adexchanges. A user may access content of a publisher through a userdevice, and there may be available ad space to display an ad to theuser. This is an impression opportunity, which the publisher may sell onan impression-by-impression basis to advertisers.

The publisher may send the impression opportunity to a supply-sideplatform, which can conduct an auction in an ad exchange with one ormore demand-side platforms through a process called real-time bidding.Advertisers may create highly targeted campaigns to pick and choose fromavailable impression opportunities and have demand-side platforms bid ontheir behalf in these real-time bidding. The demand-side platform maybid on an advertiser's behalf for an impression opportunity that meetsthe criteria for the advertiser's campaign. A link for an advertisementassociated with the advertiser can be sent for the winning bid (forexample, highest price) to the supply-side platform, which can forwardthe link to the publisher to retrieve the advertisement and display itwith the content on the user device.

Thus, the real-time bidding for selecting the advertisement to displayto a user accessing the publisher's content and the delivery of theadvertisement to the user can all occur within a fraction of a second.However, not only is speed and efficiency of communications between theparticipants of the digital advertising ecosystem important, butsecurity as well. So much user data is shared between the participantsof the digital advertising ecosystem that care must be taken to preventunauthorized participants from being able to determine a unique useridentity and associating with it the behaviors of the user tracked overa length period of time.

Accordingly, opportunities may exist to improve the functioning ofdigital advertising ecosystems through the use of content deliverynetworks, which are typically a system of distributed servers (forexample, a network) that deliver pages and other web content to a userdevice, based on the geographic locations of the user, the origin of thecontent and the content delivery server. These content delivery networkscan be used to improve the speed, efficiency, and security of the dataflows within the digital advertising ecosystem.

In some embodiments, there is disclosed a system for integrating acontent delivery network within the digital advertising ecosystem thatinvolves having the content delivery network serve as a singular entityfor managing a user identity database to store collected user data (forexample, first party data from advertisers) for different unique useridentities. For example, when a publisher desires to auction off animpression opportunity that is associated with a user, the system can beused to provide details associated with the user to the content deliverynetwork. In some embodiments, the content delivery network can retrieve,from the user identity database, any relevant information for that useridentity. This may include personally-identifying information (forexample, information about the user's specific identity or the user'sbehaviors and preferences that can be probabilistically used todetermine the user's specific identity). In some embodiments, thecontent delivery network can generate an encrypted, electronic tokenbased off all the retrieved information, and that token can be providedto the publisher, which can be passed around in one or morecommunications that take place in the digital advertising ecosystem whenan impression opportunity is auctioned off. Thus, in some embodiments,all the entities in the digital advertising ecosystem can conduct theauction as normal while using the token to refer to the associated user.

In some embodiments, the appropriate owner of data may be able to givedifferent levels of permission to the entities of their choosing (e.g.,subscribers) to retrieve the data they own from the token. For example,an advertiser may be able to grant access for a subscriber to retrievepersonally-identifying information for a user from the token. Thus,entities may not have access to any information about the user, exceptfor the entities that have been provided a method for decrypting thetoken, and those entities would only be able to access the user data onthe token as permissioned by the owner of the user data. In someembodiments, the owner of the data may be able to enable differentlevels of permission to the entities of their choosing (i.e.subscribers). In some embodiments, only the content delivery network hasaccess to all the collected information associated with each useridentity, which provides user identity protection and prevents thesharing of user data between the participants of the digital advertisingecosystem, so that any entity in the digital advertising ecosystemcannot collect and track user data over time in order to associate userpreferences and behavior to a unique user identity.

In some embodiments, an approach for integrating a content deliverynetwork within the digital advertising ecosystem is to have the contentdelivery network handle the processing associated with header bidding,such that the content delivery network simultaneously sends out bidrequests (and receives the corresponding bid responses) for animpression opportunity to a large number of entities at the same time.In this manner, the content delivery network can be used to offload theprocessing associated with auctioning an impression opportunity thatwould be performed by the user device, publisher ad server, or anysupply-side entity. In some embodiments, this would allow the publisherto maximize ad revenue without the risk of any slowdowns associated withthat processing when the bid requests are being sent to a potentiallylarge number of different entities. Furthermore, this approach can becombined with the aforementioned approach for protecting user identitiesby having the content delivery network manage user identities and issueencrypted tokens to be sent out with the bid requests.

In some embodiments, an approach for integrating a content deliverynetwork within the digital advertising ecosystem is to have the contentdelivery network manage site tracking (for example, the browsing andactivity of a user across different websites) of users. Traditionally,site tracking has been individually performed by third-party trackingentities (for example, advertisers or advertisement platforms) thatutilize a tracking pixel to generate a cookie on the user's device.However, this site tracking functionality can be limited and in order toobtain better profile of the users, these entities constantly sharetheir data on a particular user through techniques such as cookiesyncing and piggybacking pixels. Although the content delivery networkcould be used to manage and store all user data associated with a useridentity (for example, by having all these entities share their datawith the content delivery network), in some embodiments, these entitiescould also continue to use their existing techniques for sharing userdata, with the content delivery network serving to help manage andsimplify that sharing. In particular, the content delivery network canbe used to host the syncs (e.g., pixels) and manage the syncs (forexample, user mappings) for all these tracking entities instead ofhaving each entity host their own syncs. In some embodiments, a mastertracking tag can be used to deliver the appropriate syncs to the userdevice as the user accesses a website, and this delivery would also befaster since the syncs would be stored and delivered by the contentdelivery network itself.

In some embodiments, an approach for integrating a content deliverynetwork within the digital advertising ecosystem is to have the contentdelivery network manage and distribute forwarded bids. The contentdelivery network can be used as a middleman to receive a large number ofbid requests for impression opportunities and forward the appropriatebid requests to each subscribing recipient (for example, advertisers orDSPs) based on filters or pre-defined criteria established by therecipient. In some embodiments, the content delivery network can even beentrusted to perform bidding for the recipients based on biddingalgorithms provided to the content delivery network. In someembodiments, this would serve to improve publisher ad revenue in a waythat minimizes network traffic and wasted communications, by allowingbid requests for impression opportunities to be sent to the broadestaudience possible (a potentially large number of recipients) based onfiltering criteria established by the recipients.

In some embodiments, the content delivery network may be used to mapuser identities for use within the digital advertising ecosystem. Insome embodiments, the content delivery network may be used for cookiesyncing for third-party cookies or first-party cookies (e.g., mappinguser identities to the cookies associated with different sites). In someembodiments, the content delivery network may be used to map useridentities directly to user identities.

FIG. 1A is a block diagram illustrating an example system 100, accordingto some embodiments of the present disclosure. The example system 100may include a content delivery network (CDN) 110, one or more publishers115, one or more users 120 operating one or more user devices 125, oneor more advertisers 130, one or more demand-side platforms (DSP) 135,and one or more supply-side platforms (SSP) 140. The example system 100may also optionally include one or more site optimization vendors 145and/or one or more site analytics vendors 150. For the purposes ofsimplicity and facilitating understanding of the example system 100, thecomponents of the example system 100 may be described singularly (forexample, in the context of a single publisher 115, and so forth).However, it should be noted that in practice, there can be any number ofeach of the components within the example system 100.

The components of the example system 100 may be communicatively coupledto one another via the internet 105, and the CDN 110 may operate as alayer in the internet 105 in order to provide high-availability andhigh-performance content delivery to end-users (for example, any of thecomponents in the example system 100, including—but not limited to—theuser devices 125).

In some embodiments, the CDN 110 may be a geographically distributednetwork of nodes (for example, proxy servers) and their associated datacenters. The CDN 110 may utilize internet service providers (ISPs),carriers, and network operators for hosting its nodes, servers, and datacenters. In turn, content owners, including the components of theexample system 100, may utilize the CDN 110 to store and deliver theircontent to end-users, including other components in the example system100. In some embodiments, since the CDN nodes are in differentlocations, this allows the content delivery service to be spatiallydistributed relative to the receiving end-users. The appropriate CDNnode to use for delivering content to a specific end-user can beoptimally selected (for example, to optimize for performance), such asby choosing a node with the fewest hops or the least number of networkseconds away from the requesting end-user, or the highest availabilityin terms of server performance (both current and historical), and soforth. Storing and delivering content through the CDN 110, as opposed tovia centralized server, may yield benefits that include reducedbandwidth costs, improved content load times, or increasing globalavailability of content. The CDN 110 may be used to deliver a largevariety of Internet content, including web objects (text, graphics andscripts), downloadable objects (media files, software, documents),applications (e-commerce, portals), live streaming media, on-demandstreaming media, and so forth.

In some embodiments, the CDN 110 may be an edge cloud network, such asan IoT edge cloud network, that is capable of performing edge computing(for example, performing processing at the edge of the network, close tothe end-device). In some embodiments, the CDN 110 may have a cloudlet,which is a mobility-enhanced small-scale cloud datacenter that islocated at the edge of the Internet. The main purpose of the cloudlet issupporting resource-intensive and interactive mobile applications byproviding powerful computing resources to mobile devices with lowerlatency. Such configurations for the CDN 110 may utilize decreasedbandwidth, reduce network load, and allow for computation offloading forreal-time applications. In some embodiments, the CDN 110 may be anycloud provider with a mechanism for distributed key value transactionprocessing and computation at the edge.

In some embodiments, the CDN 110 may be entrusted to perform functionsassociated with identity and access management (e.g., identitytranslation or identity escrow) for the participants of the real-timebidding process. More specifically, in some embodiments, the CDN 110 mayperform identity management functions, such as identity managementfunctions associated with the processing of personally identifiableinformation (PII), which is any data that could potentially identify aspecific individual, distinguish one person from another, or be used forde-anonymizing previously anonymous data. These identity managementfunctions may include: receiving, holding, or protecting personallyidentifiable information (PII); holding or processing metadata on thePII; encrypting, hashing, or tokenizing PII; and/or delivering encryptedor tokenized PII. In some embodiments, the CDN 110 may perform datamanagement functions, such as performance aggregation and “clean room”data processing involving receiving log level data (e.g., bid,impressions, online events, attributed event, etc.); processing loglevel data into aggregated performance data; receiving or producingtokens/pseudonymous identifiers for use in data processing or safedelivery to a third party; delivering processed performance data and/orlog level data to permission parties; and/or intaking third-partyalgorithms, training third-party algorithms on permissioned logs, andenabling use of the third-party algorithms for activation in real-timeor on an ad hoc basis.

In some embodiments, the publisher 115 may be a content creator with theopportunity to earn revenue for displaying advertisements with theircontent. The content and advertisements can be displayed to usersthrough a variety of technological platforms. For instance, thepublisher 115 may be a web site owner and users accessing a web page onthe site can be displayed advertisements. As another example, thepublisher 115 may be a streaming video service operator and usersaccessing streaming video content via an application on their electronicdevice can be displayed video advertisements.

In some embodiments, the user 120 may use a user device 125 to accessthe content provided by a publisher 115. For instance, the user device125 may be a computer, mobile device, smart television, and so forth.

In some embodiments, the advertiser 130 may be any entity willing topurchase an impression for displaying an advertisement with the contentof the publisher 115.

In some embodiments, the DSP 135 is a system that allows buyers (forexample, advertisers) of digital advertising inventory to managemultiple ad exchange and data exchange accounts through one interface.By utilizing a DSP, advertisers can manage their bids for theimpressions and the pricing for the data that they are layering on totarget their audiences.

In some embodiments, the SSP 140 is a technology platform that enablespublishers (for example, web site publishers and digital media owners)to manage their advertising space inventory, fill it with ads, andreceive revenue. Publishers may use a supply-side platform to automateand optimize the selling of their impression opportunities.

FIG. 1B is a block diagram illustrating an example system 102, accordingto some embodiments of the present disclosure. The example system 102 ofFIG. 1B may be very similar to the example system 100 of FIG. 1A; theexample system 102 may include a content delivery network (CDN) 110, oneor more publishers 115, one or more users 120 operating one or more userdevices 125, one or more advertisers 130, one or more demand-sideplatforms (DSP) 135, and one or more supply-side platforms (SSP) 140,one or more site optimization vendors 145, and/or one or more siteanalytics vendors 150. Thus, the descriptions of these components arenot repeated. However, in comparison to example system 100, the examplesystem 102 may further include one or more CDN vendors 160. As referredto herein, the term “CDN vendor” is not to be confused with an entityoffering CDN services (e.g., another CDN), but rather encompasses anytechnology vendor that the CDN has chosen to offload any functions orwork to (e.g., managing user mappings or preferences).

In some embodiments, there may be various functions that are entrustedto the one or more CDN vendors 160 to perform on behalf of the CDN 110as a translation layer between the CDN 110 and the participants of thereal-time bidding process or as a third party facilitator of thereal-time bidding process. For instance, the CDN 110 may utilize the oneor more CDN vendors 160 to manage one or more databases and performidentity and access management functionality (e.g., identity translationor identity escrow) for the participants of the real-time biddingprocess. The CDN 110 may also utilize the one or more CDN vendors 160 tomanage performance aggregation functionality (e.g., “clean room” dataprocessing).

In some embodiments, the CDN vendors 160 may perform identity managementfunctions, such as identity management functions associated with theprocessing of personally identifiable information (PII), which is anydata that could potentially identify a specific individual, distinguishone person from another, or be used for de-anonymizing previouslyanonymous data. These identity management functions may include:receiving, holding, or protecting personally identifiable information(PII); holding or processing metadata on the PII; encrypting, hashing,or tokenizing PII; and/or delivering encrypted or tokenized PII.

In some embodiments, the CDN vendors 160 may perform performanceaggregation and “clean room” data processing functions, such asreceiving log level data (e.g., bid, impressions, online events,attributed event, etc.); processing log level data into aggregatedperformance data; receiving or producing tokens/pseudonymous identifiersfor use in data processing or safe delivery to a third party; deliveringprocessed performance data and/or log level data to permission parties;and/or intaking third-party algorithms, training third-party algorithmson permissioned logs, and enabling use of the third-party algorithms foractivation in real-time or on an ad hoc basis.

FIG. 2 is a data flow diagram illustrating an example process 200 forusing a CDN 210 to protect user identities within a digital advertisingecosystem, according to some embodiments of the present disclosure. Itshould be noted that FIG. 2 is primarily described within the context ofhaving a CDN 210 identify users using deterministic identifiers.However, in some embodiments, probabilistic identifiers may be usedinstead and the CDN 210 (or a CDN vendor tasked with managing the userdatabase) may execute code to identify users probabilistically, and thenthe CDN 210 may pass those probabilistic identifiers to parties withinthe digital advertising ecosystem (e.g., participants of a real-timebidding process).

At circle 1, an advertiser 230 may provide a set of information to theCDN 210, and the set of information may include a deterministicidentifier associated with a user (for example, user 220) and detailsassociated with market segment membership/association orbrowsing/purchasing behavior/preferences of the user (for example,information regarding the particular user's preferences for products,services, or businesses, and so forth). This transmitted set ofinformation may be collected from any suitable source, such as fromfirst party data collected by the advertiser 230. For instance, thisinformation can be collected from software running on the user device225 when the user 220 utilizes the user device 225 to browse or purchasegoods or services. Or, the information may have been provided and madeavailable to the advertiser 230 by a third-party, such as from datacollected by the publisher 215.

The deterministic identifier associated with a particular user may be alexical token (for example, any combination of words, numbers, letters,or symbols) that is associated with any type of suitable identifyingdata that has been collected for the particular user (for example, suchas usernames, logins, registration data, emails, offline customer dataor IDs, and so forth) or derived from such data (for example, a hash).Any privacy concerns associated with directly revealing personallyidentifiable information for the user can be addressed by implementing adeterministic identifier that obfuscates that information (for example,coding the deterministic identifier into a long string of integers,hashing/encrypting the information to generate the deterministicidentifier, and so forth). The deterministic identifier may make itpossible to determine with certainty that the rest of the data in thetransmitted set of information data relates to that particular user.

The information regarding the browsing or purchasing behavior of theuser, or the user's preferences for products, services, or businesses,may include details tied to those goods or services. For instance, theinformation may include attributes or identifiers (for example, aproduct identifier) associated with those goods and services, the pricethat the user paid, common features offered among a group ofclosely-related goods the user viewed, and so forth.

The CDN 210 may store this received information by indexing it to thecorresponding deterministic identifier (for example, store all thebehavior and preferences of user 220 indexed to the user's emailaddress) or user identity/profile associated with a user (for example,use the received deterministic identifier to look up a useridentity/profile that can have many deterministic identifiers attachedto it, and then store the received set of information to that useridentity/profile).

It should be noted that a specific, main example is referencedthroughout the discussion of the example process 200 in order tofacilitate a better understanding of the example process 200, but theexample process 200 may be used in various other contexts. For this mainexample, consider the scenario that the user 220 used an application ontheir user device 225 (for example, a mobile device) to purchase aparticular brand of diapers associated with the advertiser 230. Theadvertiser 230 may be able to collect first party data from the purchasethrough the application (especially if the application was provided bythe advertiser 230), which could include a deterministic identifier (forexample, email associated with the user 220 used for the purchase) anddetails or attributes associated with the purchase (for example, aproduct identifier for that specific diaper product). The advertiser 230can send this information to the CDN 210 to be saved.

Although only one advertiser 230 is shown in the figure, it should beunderstood that there can be multiple advertisers which collectinformation and send it to the CDN 210 to be saved. In some embodiments,the CDN 210 may have an ingestion mechanism for intaking information(e.g., user PII, such as a phone number or email address) from variousadvertisers, extracting the PII from the information, hashing orencrypting the PII, and then storing that PII in one or more databasesthat correspond to the data collected by different advertisers. The CDN210 may also track and manage contractual relationships betweendifferent entities in the digital advertisement ecosystem (e.g.,publishers and advertisers), such as via one or more databases. For aparticular bid opportunity offered by a publisher, the CDN 210 may beable to check which advertisers have a contract with the publisher usingan identity resolution mechanism. Advertisers with contractualrelationships may be allowed to bid on the bid opportunity. Furthermore,the CDN 210 may match the user PII associated with the bid opportunityto the PII collected by an advertiser (and ingested/stored by the CDN210) in order to provide the advertiser with their collected PII formaking bid decisions. In order to do this, the CDN 210 may apply thesame hash or encryption function to all the PII that it ingests andstores (e.g., the PII collected by different advertisers), which allowsthe PII for any advertiser to be matched to the user PII associated witha bid opportunity.

At circle 2, the advertiser 230 may determine the details for an adcampaign and send that information to a DSP 235 to use for evaluatingand bidding on impression opportunities during the real-time biddingprocess. This ad campaign may be directed to a first party audience or asegment of a first party audience, for which the advertiser 230 may havefirst party data (for example, data collected directly from theaudience, which can include customers, site visitors, app users, socialmedia followers, and so forth) or a deterministic identifier for. The adcampaign may also be directed at particular publishers or types ofpublishers. For instance, within the context of the main example, theadvertiser 230 may inform the DSP 235 that they wish to purchaseimpressions with publisher 215 for their first party audience thatbought a brand ‘X’ of diapers (for example, diapers offered by theadvertiser 230). In some embodiments, the ad campaign may include apre-cached bid that specifies a price the advertiser 230 is willing topay for impressions that meet their criteria.

At circle 3, the publisher 215 may provide information to the CDN 210 onany available impression opportunities (for example, with the publisher215) that will later be sent to the SSP 240. This information mayinclude any deterministic identifiers of users that are logging-on oraccessing content provided by the publisher 215. For instance, withinthe context of the main example, the publisher 215 may provide, to theCDN 210, a deterministic identifier (for example, email) associated withthe account (for example, account with the publisher 215) of a user 220accessing content provided by the publisher 215. The publisher 215 coulddetermine the deterministic identifier associated with the user 220 whenthe user 220 logs on to a website or a streaming video application ofthe publisher 215.

At circle 4, the CDN 210 may create an encrypted, electronic token forthe deterministic identifier received from the publisher 215 (forexample, at circle 3). The token may contain available information aboutsegment membership/association for the user associated with the receiveddeterministic identifier, which the CDN 210 can look-up and retrievebased on the received deterministic identifier. This token should notcontain the received deterministic identifier, any other deterministicidentifiers associated with the user, or any other personallyidentifiable information for the user. For instance, within the contextof the main example, the CDN 210 may receive from the publisher 215 (forexample, at circle 3) an email address for user 220 and check to see ifany segment membership/association information exists for that emailaddress or a user identity/profile associated with that email address.Either case would suffice here if the user 220 used the same emailaddress with the advertiser 230 and the publisher 215, as thedeterministic identifier received from the publisher 215 (for example,at circle 3) would match the deterministic identifier received from theadvertiser 230 (for example, at circle 1) and can be used to look-up andretrieve the available segment membership/association (for example,stored at circle 1). In this case, the segment membership/associationinformation for user 220 included in the token would indicate that theuser 220 is a first party audience of advertiser 230 and has purchasedbrand ‘X’ diapers.

At circle 5, the CDN 210 may pass the encrypted, electronic token (forexample, generated at circle 4 for the deterministic identifier receivedfrom the publisher 215) to the DSP 235. In some embodiments, the CDN 210may proactively push the token to the DSP 235 (e.g., the DSP 235 mayhave an endpoint listening for push requests).

At circle 6, the CDN 210 may pass the encrypted, electronic token (forexample, generated at circle 4 for the deterministic identifier receivedfrom the publisher 215) to the publisher 215, which the publisher 215can submit alongside a bid request.

At circle 7, the publisher 215 may include the encrypted, electronictoken with a bid request to a SSP 240. The bid request may containstandard bid request information, examples of which include publisherinformation and settings; platform information and settings; and anyrelevant user-data available to the publisher 215, includinggeographical location, IP address, cookies, and so forth.

At circle 8, the SSP 240 may send a bid request to the DSP 235 alongwith the encrypted, electronic token received from the publisher 215.Again, this bid request may include standard bid request information,including publisher information and settings, platform information andsettings, and so forth. The bid request may also contain additionalinformation included by the SSP 240. In some cases, the bid request mayinclude any relevant user data available to the publisher 215, includinggeographical location, users cookies, IP addresses, and so forth.

However, it should be noted that, in order to truly obfuscate user dataand user identities from DSP 235, this bid request should not includeany unique identifiers or any “persistent” identifiers such as IPaddress. Otherwise the DSP 235 will be able to associate the impressionsthat it bids upon (on behalf of advertiser 230) with the unique orpersistent identifiers in its logs and track the impressions that havebeen associated with a particular unique or persistent identifier.However, obfuscating user identities in this manner would obstruct theability of DSP 235 to run attribution and track its performance (forexample, for reporting back to the advertiser 230), since the encryptedtoken would rotate and is, by itself, insufficient for this purpose. Inorder to provide log data back to the advertiser 230 and properly runattribution, there would need to be a subsequent set of steps performed(not shown) following the example process 200. These steps may includeproviding the CDN 210 with the win notification indicating the winningbid and price. The CDN 210 may decrypt the token associated with theimpression opportunity and pass bid data to the advertiser 230 in realtime, which stores the bid data. The advertiser 230 can then runattribution and notify the DSP 235 of performance (for example,aggregate performance for an in-UI visualization or feature-levelperformance to update algorithm coefficients). Furthermore, obfuscatinguser identities in this manner would also obstruct the ability of DSP235 to frequency cap users (for example, if the advertiser only wants toreach a user 3× per day, then the DSP 235 would not be able to measurethis). Additionally, it would obstruct the ability of DSP 235 to conductits own geographic identification from IP addresses (versus relying onlocation data received in the bid request). For example, the DSP 235 mayuse an IP address to determine where a user is located in order to honorgeo-targeting restrictions (e.g. “only target users in Texas”). Comparedto the aggregation of performance data (which can be performed in abatch, e.g., daily), these examples may require a closer to real-timenotification from the CDN 210. For instance, if an identity werecompletely obfuscated from the DSP 235, in order to conduct legitimatefrequency capping, the DSP 235 would have to receive a metadata signalincluded in the token with the user frequency measurement (e.g., therehave been two impressions from this advertiser on this user so fartoday).

These reconciliation steps may be important because, in somecircumstances, if a DSP does not have access to user IDs (e.g.,cookie/device IDs) in log level data, then the DSP is unable to performcertain critical functions, including attribution and frequencymanagement. Thus, obfuscation of cookie/device IDs from the DSP withoutadditional safeguards may impact the functionality of the DSP outsidethe context of this tokenized-CDN process described herein. There may beother additional downstream impacts from not providing DSP access touser IDs in log level data, including the inability to provideperformance reporting (which fuels in-UI performance visualizations,expected by users of a DSP) and the inability to ingest conversion datainto bidding algorithms. These reconciliation steps may serve to rectifythe effects of obfuscating cookie/device IDs from the DSP.

For instance, these reconciliation steps may enable frequencymanagement. For instance, the frequency regarding the number of times aparticular user has been served an impression via this tokenized-CDNprocess may be retrievable from the encrypted token. However, since it'spossible (and likely) that an advertiser would also be buyingimpressions on a given user outside of this tokenized-CDN process, theDSP would need to merge the frequency count of the tokenized-CDNimpressions with the frequency count of non-CDN impressions to honor anadvertiser's holistic frequency settings. For example, if “user123” isserved 2 impressions via the tokenized-CDN workflow represented by theexample process 200, and 3 impressions outside of the tokenized-CDNworkflow, the DSP would need to recognize a total frequency of 5.

The reconciliation steps may also enable tracking and reporting ofperformance data. Log level data for impression purchases across CDNsand non-CDN may be accessible by the advertiser or the CDN, who couldmerge the datasets and run attribution. Without log data that includesthe user ID (for example, a cookie, device ID, IP address, other usertoken, etc.), some types of common aggregate performance data isimpossible for the DSP to construct on their own, meaning whicheverentity merged the log data and ran attribution would need to notify theDSP of aggregate performance in order for expected data notificationsand visualizations to be present in the DSP user interface. A few typesof aggregate performance data would still be possible to constructdepending on the advertiser's marketing goals. For example, anadvertiser may just want to see a certain cost per click or spending ofa certain budget level.

The reconciliation steps may also enable the conversion of relevant datainto bidding algorithms for an advertiser. In general, DSPs will takelog data and attributed events into consideration when scoring bidopportunities for advertisers. Without access to the all the log datafor an advertiser, the DSP would be far less equipped to generate analgorithm specific to the advertiser in question. This can be fixed byhaving the advertiser (or an entity acting on the advertiser's behalf)to notify the DSP of updates to bidding algorithms for the advertiserbased on learnings gleaned from the merged log data, although not allDSPs will have functionality enabling an advertiser to update theirbidding algorithm.

It should also be noted that, in some embodiments, circle 8 and itsassociated steps may not be need to be performed in the mannerillustrated. For instance, in some embodiments, the DSP 235 may notreceive the bid request for filtering bids based on bid opportunityattributes, and SSP 240 may send a bid request to the advertiser 230. Insome embodiments, the CDN 210 may be capable of performing computations(for example, edge computations) and can make bidding decisions onbehalf of the DSP 235. For instance, the DSP 235 can provide the CDN 210with bidding logic associated with the ad campaign provided by theadvertiser 230, which would make it unnecessary for the SSP 240 to senda bid request to the DSP 235.

The DSP 235 may attempt to decrypt the token that it received in orderto read the segment membership/association information on the token, sothat the DSP 235 can learn more about the impression opportunity beingoffered and if lines up with the advertising campaign specified by theadvertiser 230. Any suitable encryption/decryption scheme may be usedwith the token. For instance, the token may be encrypted by the CDN 210using a symmetric key algorithm (for example, encrypting the token witha shared secret that is known to both the CDN 210 and the DSP 235) or anasymmetric key algorithm with the decryption key known to the DSP 235.The DSP 235 would be able to decrypt the token, while the publisher 215or the SSP 240 would remain unable to decrypt the token.

In the case that the DSP 235 cannot decrypt the token, at circle 9, theDSP 235 may be able to contact the CDN 210 in order to obtain theinformation about advertiser ownership and segmentmembership/association that is on the token. In some cases, the CDN 210may send any segment membership/association that it has on file (forexample, from first-party data collected by one or more entities, suchas multiple advertisers) for that particular user.

At circle 10, the DSP 235 may determine if the audience associated withthe impression opportunity should be bid on (for example, on behalf ofadvertiser 230) based on the ad campaign established by the advertiser230. Then, at circle 11, the DSP 235 may send the bid response back tothe SSP 240 based on its determination.

For instance, within the context of the main example, the DSP 235 maydetermine from the information on the token that the impressionopportunity is associated with user 220, whose segmentmembership/association information indicates is a first party audienceof advertiser 230 and has purchased brand ‘X’ diapers. In addition, thisimpression opportunity is offered by the publisher 215, so all thecriteria for the ad campaign established by the advertiser 230 are met.Thus, the DSP 235 would bid on this impression opportunity and send thebid response to SSP 240. In some embodiments, the bid response mayinclude a price for the bid and/or instructions for retrieving theadvertisement (for example, associated with advertiser 230) to bedisplayed, such as a link or URL for the advertisement that is stored atan ad server (not shown).

At circle 12, assuming that the bid response received from the DSP 235is the winning bid, the SSP 240 would send the received bid responseback to the publisher 215. The publisher 215 (or in some cases, thepublisher ad server) may then act on the instructions for retrieving theadvertisement to be displayed. For instance, if the user 220 isaccessing content of the publisher 215 via a web browser, the publisher215 may use a still-open HTTP connection to inform the web browser toretrieve the ad from the ad server (for example, using the provided linkor URL in the bid response) and display it on the web page.Alternatively, if the user 220 is accessing streaming video from thepublisher 215 through an application (for example, a mobile app), thepublisher 215 could inform the application to retrieve a video ad fromthe ad server (for example, using the provided link or URL in the bidresponse) and play it in the application.

A win notification can then be sent out at impression time (for example,once the ad is retrieved and rendered on the user device 225), such asby the SSP 240 to the DSP 235 for attribution. As previously mentionedhowever, if user identities are fully obstructed, the DSP 235 would notbe able to run attribution and track performance. One possibility isthat the SSP 240 may send a win notification to the CDN 210 indicatingthe winning bid and price. The CDN 210 may decrypt the token associatedwith the impression and pass the bid data back to the advertiser 230 inreal time, which stores the bid data. The advertiser 230 can then runattribution instead of the DSP 235 and then notify the DSP 235 ofperformance.

It should be noted that most of the example process 200 shown can occurwithin a fraction of a second, or may be designed to occur within afraction of the second. For instance, the actions associated withcircles 3-12 (for example, the determination of an ad to display to auser) may be performed within the time it takes for the user 220 toaccess, retrieve, and render content from the publisher 215. Thus, speedand efficiency may be of the essence and the integration of the CDN 210in the manner shown in the example process 200 may provide thatnecessary speed and efficiency, while also serving to protect useridentities within the digital advertising ecosystem.

It should also be noted that the example process 200 involves the use ofa deterministic identifier, and other processes or workflows may berequired when only probabilistic identifiers such as cookies and/or IPaddress are available.

FIG. 3 is a data flow diagram illustrating an example process 300 forusing a CDN for conducting header bidding within a digital advertisementecosystem, in accordance with embodiments of the present disclosure.

In many instances, publishers will attempt to maximize their revenuefrom a real-time bidding auction using a method that has been referredto as the “waterfall” method. Under the waterfall method, publisherswill try to maximizing their revenue in a RTB auction by offering theirad space to each ad exchange in a sequential, cascading fashion. Morespecifically, the publisher may assign a price floor to an impressionopportunity and then offer it to bidders (for example, ad exchanges,such as DSPs)—one bidder at a time. If there are advertisers at thefirst ad exchange bidding over the price floor, then the advertiser withthe highest bid would win the auction for the impression opportunity.However, if at the first ad exchange, there are no bids from advertisersover the publisher's price floor, then the impression opportunity issent to the next ad exchange but with a lower price floor assigned tothe impression opportunity. This continues until there is an advertiserat an exchange that bids high enough over the price floor. One majorproblem with this waterfall method is that an advertiser in a lower ofstage of the waterfall may be willing to pay more than an advertiser ata higher stage, but they will never get the chance to bid on theimpression opportunity if a bid is accepted at the higher stage.

In order to address this issue, header bidding may be used instead.Under header bidding, all participants bid at the same time, whichallows the publisher to earn maximum revenue. For web-based content,this can be accomplished by embedding code in the header of thepublisher's webpage that requests bids from several ad exchanges atonce. Header bidding is then conducted client-side (for example, througha browser on the user device), with the browser relied upon for handlingthe different bid requests with the various individual ad exchanges.However, there can be problems arising from implementing header biddingin this manner. It can be a long, complicated, and counterintuitiveprocess for publishers to setup header bidding on their sites.Furthermore, browsers are optimized for displaying web pages to theuser, and having the browser additionally conduct header bidding placesheavy demands on the browser and can slow down considerably the speed atwhich content loads.

The illustrated example process 300 is one approach contemplated by thisdisclosure for addressing the technical shortcomings of header bidding.In particular, the processing of bid requests for header bidding can beoffloaded from the browser (for example, client side) and onto externalserver(s) (for example, a publisher ad server) or a compute-enabled CDN310. Publishers would still be required to embed some code in their webpages, but most of the processing can be handled by the CDN 310, whichwould be faster than having the browser perform header bidding.

Generally, users accessing web-based content from publishers may setpreferences in their browser or through the website for how they wish toreceive targeted ads and be tracked online. There may be laws thatrequire advertising entities to abide by a user's preferences, whichvary by region, or there may be other reasons for abiding by the user'spreferences. In order to honor the user's preferences, publishers muststore the user consent/preferences and notify their technology partners(e.g., entities within the digital ad ecosystem) of the user'spreferences. One technology used to facilitate storing and forwardinguser consent is a consent management platform. In some embodiments, thepublisher 315 may have consent management installed in its platform inorder to store, manage, and forward user consent to other entitieswithin the digital ad ecosystem. In some embodiments, a consentmanagement platform may be installed on the CDN 310, which allows theCDN 310 to be the loader of publisher site content, the entity shippingout bid requests to bidding partners (e.g., DSPs), and the entity forstoring, managing, and disseminating user consent/preferences. When auser accesses publisher content delivered via a CDN 310 with a consentmanagement platform, the CDN 310 may load a consent management program,register user consent/preferences as the user accesses the publisher'scontent in the user's session, and then forward the user's consent andpreferences along with bid requests to DSPs (e.g., DSPs 335), forimpression opportunities including current user session on the publisherand future sessions on any publisher.

A user 320 may attempt to access content of the publisher 315 throughtheir user device 325. At circle 1, the publisher 315 submits a bidrequest from the header to the CDN 310, along with any user data and/orsession information relevant to this impression opportunity. The bidrequest from the header may identify all the DSPs (for example, DSPs335) participating in the auction that would need to receive their ownindividual bid requests. The user data and session information mayinclude a deterministic identifier (for example, email for the user320), any first party data on the user collected by the publisher 315,opt-in consent from the user for enabling the CDN 310 to conduct headerbidding, and so forth.

The CDN 310 will receive this information. The CDN 310 may perform ahandshake using the received user data (for example, the receiveddeterministic identifier) in order to identify the associated uniqueuser identity and any additional user data that the CDN 310 may have onhand (for example, saved at an earlier step, such as via the processdescribed for circle 1 in FIG. 2). In some cases, the CDN 310 may beable to collect first party data for the user from a cloudlet (forexample, a mobility-enhanced small-scale cloud datacenter located at theedge) of the CDN 310. Collectively, all this user data may include anyavailable first party data or third party data for the user, adeterministic identifier for the user, opt-in consent by the user,details associated with market segment membership/association, detailsassociated with browsing/purchasing behavior/preferences of the user,attributes or identifiers associated with particular products or productpages (for example, offered by an advertiser), and so forth.

The CDN 310 may then generate an encrypted electronic token based onthis user data. Any suitable encryption/decryption scheme may be usedwith the token. For instance, the token may be encrypted by the CDN 310using a symmetric key algorithm (for example, encrypting the token witha shared secret that is known to the CDN 310 and can be shared with theDSPs 335) or an asymmetric key algorithm with the decryption key knownto the DSPs 335.

At circle 2, the CDN 310 may handle the header bidding by simultaneouslysending the encrypted token with a bid request to each of the DSPs 335,thereby offering the DSPs 335 the opportunity to all bid at the sametime.

Each of the DSPs 335 may decrypt the token using the decryption key andreview the included user data in order to determine eligibility forbidding on the impression opportunity. For instance, each of the DSPs335 may review the bidding algorithms or ad campaigns established by theadvertisers it represents, in order to determine if a bid should beplaced on behalf of an advertiser (for example, the user associated withthe impression opportunity fits the market segment/association or othercriteria of the ad campaign) and at what price.

At circle 3, any of the DSPs 335 that have determined eligibility forbidding may send a bid response back to the CDN 310. In someembodiments, the bid response may include a price for the bid and/orinstructions for retrieving the advertisement to be displayed, such as alink or URL for the advertisement that is stored at an ad server (notshown). The CDN 310 may conduct the auction for the impressionopportunity based on all the received bid responses in order todetermine a winning bid (for example, the highest price). If the CDN 310is overloaded (for example, conducting too many auctions), a publisherad server may be used to conduct the auction.

At circle 4, the CDN 310 may send the winning bid to the publisher 315along with instructions for retrieving the advertisement to bedisplayed, such as a link or URL for the advertisement that is stored atan ad server (not shown).

Since the CDN 310 determined the winner of the auction, at circle 5, theCDN 310 may send out the appropriate auction notifications to thevarious entities. The auction notifications may include winnotifications, costs taken by each party (for example, publisher, DSP,billing, consent, etc.), auction or bid data, and so forth. Inparticular, bid data can be sent to a billing entity 355, which mayperform a billing and reconciliation function (typically a SSPfunction). In some cases, the billing entity 355 may be a SSP.Additionally, the auction notifications may provide all A&A (advertisingand analytics) data to the DSPs 335 for transparency purposes.

It should be noted that most of the example process 300 shown can occurwithin a fraction of a second, or may be designed to occur within afraction of the second. For instance, the actions associated withcircles 1-4 (for example, the determination of an ad to display to auser) may be performed within the time it takes for the user 320 toaccess, retrieve, and render content from the publisher 315. Thus, speedand efficiency may be of the essence and the integration of the CDN 310in the manner shown in the example process 300 may provide thatnecessary speed and efficiency by having the CDN 310 handle headerbidding, while also serving to maximize the revenue received by thepublisher 315.

FIG. 4 is a data flow diagram illustrating an example process 400 forusing a CDN to host syncs (for example, user mappings) for participantswithin a digital advertising ecosystem, in accordance with embodimentsof the present disclosure.

Within the context of digital advertising, site tracking of a user caninitiated by a tag embedded in the content, which can include code fordetermining whether to retrieve a pixel from an ad server. Whenretrieved, a pixel may be a small block of script or code that places acookie onto the user's browser, linking that user's web browser withtheir website visit. In some cases, the cookie may be a third-partycookie, which is retrieved from a different domain than the domain ofthe URL in the browser. These third-party cookies, also referred to astracking cookies, are often maintained by third-party trackers (oftenadvertisers or ad networks) and can be used to track a user's behavior,such as the content they view on that website and the things they clickon (for example products and ads). The trackers can then use thisinformation to display adverts to the user when they visit different websites.

However, cookies are domain-specific and traditional web browsertechnology typically allows only for identifying cookies only from thedomain from which the cookie was set. Thus, an advertising platformcannot read cookies for other advertising platforms or websites, whichlimits the effectiveness of cookies for advertising purposes and thepotential amount of information that can be collected about a user. Forinstance, a DSP or SSP may only be able to evaluate a cookie that theyset themselves, but be unable to determine if the other side (counterparty) has a cookie on that given user. However, it may be very usefulto determine if another party has cookies on a given user. For instance,a DSP may wish to determine if a SSP has a cookie on a given user forbidding purposes (for example, the DSP may be willing to place higherbids on users for which the SSP already has cookies on a given user).

In order to share user data, advertising platforms perform a processknown as cookie syncing, in which the user identifiers for a user aremapped from one system to another. When an advertising platform createsa third-party cookie for a user, it can perform a pixel redirect to asecond advertising platform and forward the unique user identifier thatit assigned to the user as a parameter (for example, http redirect thead request to the pixel URL of the second advertising platform, passingthe user ID in the URL parameter). The second advertising platform cando its own pixel redirect and send back the unique user identifier thatthe second advertising platform assigned to the user as a parameter.Thus, each advertising platform would maintain its own cookie-matchingtable that stores information for all the user identifiers (for example,assigned by the various advertising platforms participating incookie-syncing) associated with a unique user. Alternatively, whendealing with first-party cookies for a user, the cookie syncing willrequire mapping first-party cookies across domains with adeterministic/probabilistic identifier. If first-party cookies and somekind of persistent ID are present, then the CDN can still perform amaster mapping/notification (syncing) system across partners.

In the example process 400, the CDN 410 can be used to handle sitetracking for users in a manner that would reduce publisher load timesand move all tag management to the CDN 410, simplifying the tagmanagement associated with piggybacking pixels.

At circle 1, an advertiser 430 (alternatively, a publisher, e.g., theowner of the web property) may place a CDN-owned master-tracking tag ona site for tracking a user depending on purpose. For instance,advertisers may use tags to direct a browser to a particular image orvideo, third-party trackers may use tags to collect segment informationabout users across websites, and so forth.

At circle 2, the sync pixels (or any other user ID tracking technology)can be stored and hosted by the CDN 410 for the advertiser 430 and anysupply partners (for example, DSPs, SSPs, data providers, and any techvendors). As shown in the figure, the supply partners in this instancemay include the DSP 435, the DSP 436, the site optimization vendor 445,and the site analytics vendor 450. In some embodiments, themaster-tracking tag may initiate the retrieval of one or more of thesync pixels from the CDN 410. Thus, the pixels would be retrieved fromthe CDN 410 rather than the advertiser 430 or supply partnersthemselves, which would be faster and reduce publisher load times. Insome embodiments (not shown), the CDN 410 may even maintain its owncookie-matching table and store the user identifiers assigned by all thecookie-issuing participants to each unique user identity.

Once all the sync pixels are stored on the CDN 410, various scenariosare contemplated at this point within the example process 400, asreferenced by letters A through D.

For instance, scenario A, represented by circle A, involves the CDN 410conducting header bidding (for example, as described with regards toFIG. 3). The CDN 410 can send a bid request associated with headerbidding for an impression opportunity to the DSP 435. The DSP 435 candetermine that the user is eligible for targeting (for example, afterdecrypting the token including the user data) and submit a bid responseback to the CDN 410.

Scenario B, represented by circle B, involves SSP 440 sending DSP 436 abid request for an impression opportunity initially sent to SSP 440. TheSSP 440 may be a cloud subscriber to the user identifiers of DSP 436(for example, SSP 440 and DSP 436 may engage in cookie syncing and themapping of user identifiers). Thus, the SSP 440 may pass a useridentifier of DSP 436 for the user associated with the impressionopportunity, along with the bid request. DSP 436 can use the useridentifier to retrieve any collected information about the user,determine eligibility for bidding on the impression opportunity, andthen send a bid response back to the SSP 440.

It should be noted that for both scenario A and scenario B, the decision(demand) latency can be reduced if the DSP published identity graph orother user data to the CDN 410 as well. This could also enablecross-device sharing for dynamic creative optimization, userattribute/segment association sharing for site optimization, and soforth.

An example scenario benefiting from reduced decision latency would be ifthe data within a decrypted token includes a device ID or cookie ID, andthe DSP may have the opportunity to look up that ID in a device graph oridentity graph to determine bid eligibility for advertisers which haveenabled cross-device targeting. For example, if a decrypted tokenincludes “cookie123”, an advertiser's marketing campaign is targeting“cookie456”, and the DSP has a cross-device graph which has linked“cookie123” and “cookie456”, then the DSP will consider the bidopportunity eligible for the advertiser to bid on (e.g., “matched”).However, this look-up process for determining bid eligibility takestime, and the latency could possibly be reduced if the device graph werestored in full/part on the CDN 410 (which could then manage the lookup).Beyond cross-device association, the DSP may have other criteria for a“matched” impression on user IDs, such as segment association. Forexample, an advertiser may want to target users who have shown aninterest in luxury goods, “segment789.” When a bid request comes to theDSP, “segment789” must be referenced to determine eligibility (is theuser associated with the impression opportunity a match, and thereforeavailable for bidding).

If the DSP is the owner of the data (e.g., segment association data fordetermining if a user ID is associated with a market segment), they mayalso enable other entities in the advertising vendor chain to receivethe same information the DSP used to inform a decision on the impression(e.g., enable other entities as subscribers of their (DSP) data). Thisis an ancillary benefit to the primary benefit described above (latencyreduction). In other words, since the DSP already has their data storedon the CDN 410 to reduce latency, they can therefore enable access tothe data in a scalable way to other entities that would benefit from thedata, such as an advertiser (e.g., a dynamic creative vendor receivingcross-device association could result in a reduction of default adsbeing displayed to a cross-device extended first-party audience,recognized by the DSP and not the dynamic creative vendor).

Scenario C, represented by circle C, involves a site optimization vendor445. The advertiser 430 may be able to pass user activity data to thesite optimization vendor 445 through the CDN 410. The site optimizationvendor 445 can run analytics on this user activity data to determinesite content loading instructions specific to the user and return thoseinstructions to the CDN 410, which can load the page content based onthe instructions of the site optimization vendor 445.

Scenario D, represented by circle D, involves a site analytics vendor450. The advertiser 430 may be able to pass user activity data to thesite analytics vendor 450 through the CDN 410. The advertiser 430 may beable to use the data visualization user interface provided by the siteanalytics vendor 450 to interpret user activity data.

It should be noted that FIG. 4 is described within the context ofsharing user data through the process of cookie syncing usingthird-party cookies. However, the cookie syncing functionality of theCDN 410 may be expanded to include the use of first-party cookies andusing deterministic/probabilistic identifiers to link across differentsite domains. A first party cookie would require the CDN 410 to performplacement of the first party cookie and pair it with a deterministic orprobabilistic ID to link across the first party domain. For instance, ifthe CDN 410 were injecting a first entity's cookie into the first party,and an advertiser wished for the ID of a second entity to be injected inthe first party as well, there may be a synthetic ID that would probablybe different for the first and second entities. However, the CDN 410 mayhave a deterministic or probabilistic identifier that can be used tolink those two entities on IDs together.

FIG. 5 is a data flow diagram illustrating an example process 500 forusing a CDN to distribute forwarded bids within a digital advertisingecosystem, in accordance with embodiments of the present disclosure.

More specifically, the CDN 510 may be used to filter impressionopportunities presented by a DSP to an advertiser for real-time bidding(for example, when there are no pre-cached bids or ad campaignsestablished with the DSP).

At circle 1, an advertiser 530 may subscribe to bid opportunities withthe CDN 510.

At circle 2, the DSP 535 (or any other suitable supply source) maypublish filtered bid opportunities to the CDN 510 (for example, ratherthan informing the advertiser 530 directly). In some embodiments, thesebid opportunities may be in real-time. The CDN 510 then forwards thesepublished bid opportunities to the appropriate advertisers based ontheir subscriptions (for example, established at circle 1). Thus, theCDN 510 may be used to filter bid opportunities to be presented todifferent advertisers. For instance, the CDN 510 may determine that onlya subset of the published bid opportunities from the DSP 535 arerelevant to the advertiser 530 and should be presented to the advertiser530 based on the advertiser's subscription.

At circle 3, the advertiser 530 can return bid responses to the bidopportunities that it received. Alternatively, the advertiser 530 mayprovide its bidding algorithm to the CDN 510 (for example, at an earlierpoint in time), and the CDN 510 may store and execute the biddingalgorithm on behalf of the advertiser 530.

At circle 4, the DSP 535 will receive bids back from the advertiser 530or the CDN 510, if the CDN 510 is executing a bidding algorithm onbehalf of the advertiser 530.

Finally, the CDN 510 may store bid win/loss data, which can beretrievable by the advertiser 530 and the DSP 535.

It should be noted that most of the example process 500 shown can occurwithin a fraction of a second, or may be designed to occur within afraction of the second. For instance, the actions associated withcircles 2-4 (for example, publishing, filtering, and responding to bidopportunities) may be performed within seconds. Thus, speed andefficiency may be of the essence and the integration of the CDN 510 inthe manner shown in the example process 500 may provide that necessaryspeed and efficiency. In particular, if the CDN 510 is fast enough, iteliminates the need for co-locating servers/building infrastructure andallows the CDN 510 to distribute forwarded bids.

FIG. 9A is a block diagram illustrating an example workflow betweenparticipants of a digital advertising ecosystem, according to someembodiments of the present disclosure.

At block 902, a user may access a resource of a publisher using a userdevice. The user may provide, or may have previously provided,personally identifiable information (PII) to the publisher, such as ifthe user has an account established with the publisher.

In some cases, the publisher may provide content to the user along withan advertisement that is selected through real-time bidding. In order todo so, at block 904, the publisher may hash, encrypt, or tokenize PIIassociated with the user. Then, at block 906, the publisher may send abid opportunity with the hashed, encrypted, or tokenized user PII to theCDN.

When the CDN receives the bid opportunity with the hashed, encrypted, ortokenized user PII, the CDN may look-up or decrypt the hashed,encrypted, or tokenized user PII in order to obtain the user PII inplaintext. At block 908, the CDN may check the contracting partiesassociated with the specific publisher that sent the bid opportunity.The CDN may maintain a database of publishers and any contractingparties associated with each publisher, and the CDN may reference thisdatabase. Contracting parties associated with a publisher may includeparties that the publisher has allowed to participate in the real-timebidding process for a bid opportunity provided by the publisher.

At block 910, the CDN may take the plaintext user PII obtained from thebid opportunity and match it to any user PII in the database associatedwith each contracting party. The CDN may maintain a database for eachcontracting party that contains the PII (for various users) which havebeen collected by that contracting party. The CDN may collect, fromacross these contracting party databases, all the user PII andcorresponding metadata that matches to the plaintext user PII andbelongs to the user identity.

At block 912, the CDN may generate an ephemeral identity token based onthe user identity and metadata, and at block 914, the CDN may submit thebid opportunity (provided by the publisher at block 906) and theephemeral identity token to the participants of the real-time bidding.

At block 916, the real-time bidding participants may perform real-timebidding using the ephemeral identity token generated by the CDN. Atblock 918, the real-time bidding participants may determine a winningbid and price and provide that information in a win notification toeither the CDN and/or the publisher. At block 920, the CDN and/or thepublisher may receive the win notification, and at block 922, the CDNand/or the publisher (depending on where the ad is stored) may retrievethe ad associated with the winning bid and provide it to the userdevice, which will display the ad to the user at block 918.

FIG. 9B is a block diagram illustrating an example workflow betweenparticipants of a digital advertising ecosystem, according to someembodiments of the present disclosure. The workflow illustrated in FIG.9B is similar to the workflow illustrated in FIG. 9A, but there are somedifferences introduced by the addition of one or more CDN vendors intothe workflow. In particular, there may be one or more CDN vendors thatmay be configured to perform functions or processes in place of the CDN,such as the functions or processes associated with blocks 958, 960, or962. It should also be noted that some of these functions and processesmay be performed by different CDN vendors. For example, blocks 958, 960,and 962 may be performed by three respective CDN vendors.

At block 952, a user may access a resource of a publisher using a userdevice. The user may provide, or may have previously provided,personally identifiable information (PII) to the publisher, such as ifthe user has an account established with the publisher.

In some cases, the publisher may provide content to the user along withan advertisement that is selected through real-time bidding. In order todo so, at block 954, the publisher may hash, encrypt, or tokenize PIIassociated with the user. Then, at block 956, the publisher may send abid opportunity with the hashed, encrypted, or tokenized user PII to theCDN. When the CDN receives the bid opportunity with the hashed,encrypted, or tokenized user PII, the CDN may look-up or decrypt thehashed, encrypted, or tokenized user PII in order to obtain the user PIIin plaintext.

At block 958, either the CDN or a CDN vendor may check the contractingparties associated with the specific publisher that sent the bidopportunity.

In the first case where the CDN checks the contracting parties, the CDNmay maintain and reference a database of publishers and any contractingparties associated with each publisher. The contracting partiesassociated with a publisher may include parties that the publisher hasallowed to participate in the real-time bidding process for a bidopportunity provided by the publisher.

In the second case where a CDN vendor checks the contracting parties,the CDN vendor may maintain the database of publishers and anycontracting parties associated with each publisher. Prior to block 958,the CDN may inform the CDN vendor of the specific publisher that sentthe bid opportunity, which the CDN vendor can then use to reference itsdatabase to determine the contracting parties associated with thatpublisher.

At block 960, either the CDN or a CDN vendor may take the plaintext userPII obtained from the bid opportunity and match it against user PII inthe database associated with each contracting party.

In the first case where the CDN performs the matching, the CDN maymaintain a database for each contracting party that will contain PII(for various users) collected by the respective contracting party. TheCDN may collect, from across these contracting party databases, all theuser PII and corresponding metadata that matches to the plaintext userPII and belongs to the user identity. If a CDN vendor had performedblock 958, then the CDN vendor may first supply a list of contractingparties to the CDN so that the CDN knows which contracting partydatabases to search for the matching process.

In the second case where the CDN vendor performs the matching, the CDNvendor may maintain the database for each contracting party, whichcontain PII (for various users) collected by the respective contractingparty. The CDN vendor may collect all the user PII and metadata fromacross these contracting party databases that correspond to theplaintext user PII and belong to the user identity. If the CDN or adifferent CDN vendor had performed block 958, then this CDN vendor wouldfirst have to obtain the list of contracting parties from the entitythat performed block 958 in order for this CDN vendor to know whichcontracting party databases to search for the matching process.

At block 962, either the CDN or a CDN vendor may generate an ephemeralidentity token based on the user identity and metadata. This ephemeralidentity token may contain available information about segmentmembership/association for the user identity. For example, the ephemeralidentity token could indicate that the user identity has a preferencefor brand ‘X’ diapers.

In the first case where the CDN generates the ephemeral identity token,if a CDN vendor had performed block 960, then that CDN vendor may firstsupply matching user PII and metadata to the CDN for use in generatingthe ephemeral identity token at block 962. Otherwise, if the CDN alreadyhas matching user PII and metadata on-hand, the CDN can directly proceedto generating the ephemeral identity token.

In the second case where a CDN vendor generates the ephemeral identitytoken, if the CDN or a different CDN vendor had performed block 960,then the CDN vendor may first have to obtain the matching user PII andmetadata in order to use that information to generate the ephemeralidentity token at block 962. Otherwise, if the CDN vendor already hasmatching user PII and metadata on-hand (e.g., the CDN vendor alsoperformed the matching at block 960), the CDN vendor can directlyproceed to generating the ephemeral identity token.

At block 964, the CDN may submit the bid opportunity (provided by thepublisher at block 956) and the ephemeral identity token to theparticipants of the real-time bidding process. If a CDN vendor generatedthe ephemeral identity token at block 962, the CDN may first receive theephemeral identity token from the CDN vendor.

At block 966, the real-time bidding participants may perform real-timebidding using the ephemeral identity token provided by the CDN. At block968, the real-time bidding participants may determine a winning bid andprice and provide that information in a win notification to either theCDN and/or the publisher. At block 970, the CDN and/or the publisher mayreceive the win notification, and at block 972, the CDN and/or thepublisher (depending on where the ad is stored) may retrieve the adassociated with the winning bid and provide it to the user device, whichwill display the ad to the user at block 974.

FIG. 10A is a block diagram illustrating an example workflow betweenparticipants of a digital advertising ecosystem, according to someembodiments of the present disclosure. In some cases, the workflowillustrated in FIG. 10A may be performed in conjunction with theworkflow illustrated in FIG. 9A. For instance, FIG. 10A illustrates anexample workflow associated with a real-time bidding process that mayfit with blocks 916, 918, 920, 922, and 924 of FIG. 9A after thereal-time bidding participant(s) have already received a bid opportunityand ephemeral identity token from the CDN.

At block 1002, a real-time bidding participant may participate in thereal-time bidding using an ephemeral identity token received from theCDN and corresponding to the bid opportunity. However, the real-timebidding participant may require more information during this real-timebidding process. Accordingly, at block 1004, the real-time biddingparticipant may request a lookup on the ephemeral identity token.

At block 1006, the CDN may confirm that the real-time biddingparticipant is a contracting party for the publisher that provided thebid opportunity, such that the real-time bidding participant would haveauthorization to obtain additional information. In some cases, the CDNmay not have enough information on-hand to make this determination, andin such cases, the CDN may request that the publisher provideconfirmation that the real-time bidding participant is a contractingparty at block 1008.

After confirming that the real-time bidding participant is a contractingparty, at block 1010, the CDN may determine user PII from the ephemeralidentity token. However, the CDN may not necessarily pass PII directlyback to the real-time bidding participant in all cases.

In the cases where the CDN is passing PII back to the real-time biddingparticipant, the CDN may first repackage the PII for safe delivery byhashing or encrypting the PII. Thus, at block 1012, the CDN would firstgenerate and package this information about the PII (e.g., hash/encryptthe PII) and provide it back to the real-time bidding participant.

Alternatively, in the cases where the CDN is not providing PII to thereal-time bidding participant, the CDN may determine if the userassociated with the ephemeral identity token belongs to a segment ofusers that is immediately relevant to the real-time bidding participantrequesting the lookup. For instance, the CDN may determine if it shouldpackage relevant information, such as some kind of identifier (e.g., auser identifier) that has varying uses depending on the permissionsgranted to the real-time bidding participant. As a specific example, theCDN may package user segment membership back into a new token that thereal-time bidding participant can read for the purpose of decidingwhether to bid on the bid opportunity. This may be useful, for example,if the publisher wishes to hide PII from real-time bidding participantsthat are supply-side platforms (SSP) and/or demand-side platforms (DSP),and the publisher may allow a SSP/DSP to only receive a segmentidentifier signal (e.g., “seg ID 123” associated with advertiser ‘ABC’in-store purchasers) with the bid opportunity. Then, at block 1012, theCDN can hash or encrypt this information associated with the user PIIand provide it back to the real-time bidding participant.

At block 1014, the real-time bidding participant can receive the hashedor encrypted information about the PII from the CDN. The real-timebidding participant can extract this additional information and use itfor decision making in the bidding process, and at block 1016, thereal-time bidding participant can use the additional information toplace a bid. If the bid is the winning bid, then at block 1018, eitherthe CDN and/or the publisher may receive a win notification with thewinning bid and price. At block 1020, the CDN and/or the publisher(depending on where the ad associated with the winning bid is stored)may retrieve the ad associated with the winning bid and provide it tothe user device, which will display the ad to the user at block 1022.

FIG. 10B is a block diagram illustrating an example workflow betweenparticipants of a digital advertising ecosystem, according to someembodiments of the present disclosure. The workflow illustrated in FIG.10B is similar to the workflow illustrated in FIG. 10A, but there aresome differences introduced by the addition of one or more CDN vendorsinto the workflow. In particular, there may be one or more CDN vendorsthat may be configured to perform functions or processes in place of theCDN, such as the functions or processes associated with blocks 1056,1060, or 1062. It should also be noted that some of these functions andprocesses may be performed by different CDN vendors. For example, blocks1056, 1060, or 1062 may be performed by three respective CDN vendors.

At block 1052, a real-time bidding participant may participate in thereal-time bidding using an ephemeral identity token received from theCDN and corresponding to the bid opportunity. However, the real-timebidding participant may require more information during this real-timebidding process. Accordingly, at block 1054, the real-time biddingparticipant may request a lookup on the ephemeral identity token.

At block 1056, either the CDN or a CDN vendor may confirm that thereal-time bidding participant is a contracting party for the publisherthat provided the bid opportunity, such that the real-time biddingparticipant would have authorization to obtain additional information.In some embodiments, the CDN or the CDN vendor may have one or moredatabases for managing entity permissions in the chain (e.g., does aparticular DSP have the right to get information about a particularuser?), which can be referenced to make this determination. In somecases, the CDN or the CDN vendor may not have enough information on-handto make this determination, and in such cases, it may request that thepublisher provide confirmation that the real-time bidding participant isa contracting party at block 1058. If the real-time bidding participantis a contracting party for the publisher, then the workflow cancontinue.

At block 1060, either the CDN or a CDN vendor may determine user PIIfrom the ephemeral identity token. In some embodiments, the CDN or theCDN vendor may have one or more databases containing PII, segmentmembership, and any other relevant data for users. The CDN or CDN vendormay be able to reference these databases in order to find any availabledata (such as PII) corresponding to the particular user identified fromthe ephemeral identity token. However, the CDN may not necessarily passPII directly back to the real-time bidding participant in all cases.

In the cases where the CDN is passing PII back to the real-time biddingparticipant, the CDN or the CDN vendor may first repackage the PII forsafe delivery by hashing or encrypting the PII. At block 1062, the CDNmay generate and package this information about the PII (e.g.,hash/encrypt the PII) and then provide it to the real-time biddingparticipant. Alternatively, at block 1062, the CDN vendor could generateand package this information about the PII and then deliver it to theCDN, which will then forward the information to the real-time biddingparticipant.

In the cases where the CDN is not providing PII to the real-time biddingparticipant, the CDN or the CDN vendor may determine if the userassociated with the ephemeral identity token belongs to a segment ofusers that is immediately relevant to the real-time bidding participantrequesting the lookup. For instance, the CDN or the CDN vendor maydetermine if it should package relevant information, such as some kindof identifier (e.g., a user identifier) that has varying uses dependingon the permissions granted to the real-time bidding participant. As aspecific example, the CDN or the CDN vendor may package user segmentmembership back into a new token that the real-time bidding participantcan read for the purpose of deciding whether to bid on the bidopportunity. This may be useful, for example, if the publisher wishes tohide PII from real-time bidding participants that are supply-sideplatforms (SSP) and/or demand-side platforms (DSP), and the publishermay allow a SSP/DSP to only receive a segment identifier signal (e.g.,“seg ID 123” associated with advertiser ‘ABC’ in-store purchasers) withthe bid opportunity. At block 1062, the CDN can hash or encrypt thisinformation associated with the user PII and provide it back to thereal-time bidding participant. Alternatively, at block 1062, the CDNvendor could hash or encrypt this information associated with the userPII and then deliver it to the CDN, which will then forward theinformation to the real-time bidding participant.

At block 1064, the real-time bidding participant can receive the hashedor encrypted information about the PII from the CDN. The real-timebidding participant can extract this additional information and use itfor decision making in the bidding process, and at block 1066, thereal-time bidding participant can use the additional information toplace a bid. If the bid is the winning bid, then at block 1068, eitherthe CDN and/or the publisher may receive a win notification with thewinning bid and price. At block 1070, the CDN and/or the publisher(depending on where the ad associated with the winning bid is stored)may retrieve the ad associated with the winning bid and provide it tothe user device, which will display the ad to the user at block 1072.

Additional Implementation Details and Embodiments

Various embodiments of the present disclosure may be a system, a method,and/or a computer program product at any possible technical detail levelof integration. The computer program product may include a computerreadable storage medium (or mediums) having computer readable programinstructions thereon for causing a processor to carry out aspects of thepresent disclosure.

For example, the functionality described herein may be performed assoftware instructions are executed by, and/or in response to softwareinstructions being executed by, one or more hardware processors and/orany other suitable computing devices. The software instructions and/orother executable code may be read from a computer readable storagemedium (or mediums).

The computer readable storage medium can be a tangible device that canretain and store data and/or instructions for use by an instructionexecution device. The computer readable storage medium may be, forexample, but is not limited to, an electronic storage device (includingany volatile and/or non-volatile electronic storage devices), a magneticstorage device, an optical storage device, an electromagnetic storagedevice, a semiconductor storage device, or any suitable combination ofthe foregoing. A non-exhaustive list of more specific examples of thecomputer readable storage medium includes the following: a portablecomputer diskette, a hard disk, a solid state drive, a random accessmemory (RAM), a read-only memory (ROM), an erasable programmableread-only memory (EPROM or Flash memory), a static random access memory(SRAM), a portable compact disc read-only memory (CD-ROM), a digitalversatile disk (DVD), a memory stick, a floppy disk, a mechanicallyencoded device such as punch-cards or raised structures in a groovehaving instructions recorded thereon, and any suitable combination ofthe foregoing. A computer readable storage medium, as used herein, isnot to be construed as being transitory signals per se, such as radiowaves or other freely propagating electromagnetic waves, electromagneticwaves propagating through a waveguide or other transmission media (forexample, light pulses passing through a fiber-optic cable), orelectrical signals transmitted through a wire.

Computer readable program instructions described herein can bedownloaded to respective computing/processing devices from a computerreadable storage medium or to an external computer or external storagedevice via a network, for example, the Internet, a local area network, awide area network and/or a wireless network. The network may comprisecopper transmission cables, optical transmission fibers, wirelesstransmission, routers, firewalls, switches, gateway computers and/oredge servers. A network adapter card or network interface in eachcomputing/processing device receives computer readable programinstructions from the network and forwards the computer readable programinstructions for storage in a computer readable storage medium withinthe respective computing/processing device.

Computer readable program instructions (as also referred to herein as,for example, “code,” “instructions,” “module,” “application,” “softwareapplication,” and/or the like) for carrying out operations of thepresent disclosure may be assembler instructions,instruction-set-architecture (ISA) instructions, machine instructions,machine dependent instructions, microcode, firmware instructions,state-setting data, configuration data for integrated circuitry, oreither source code or object code written in any combination of one ormore programming languages, including an object oriented programminglanguage such as Java, C++, or the like, and procedural programminglanguages, such as the “C” programming language or similar programminglanguages. Computer readable program instructions may be callable fromother instructions or from itself, and/or may be invoked in response todetected events or interrupts. Computer readable program instructionsconfigured for execution on computing devices may be provided on acomputer readable storage medium, and/or as a digital download (and maybe originally stored in a compressed or installable format that requiresinstallation, decompression or decryption prior to execution) that maythen be stored on a computer readable storage medium. Such computerreadable program instructions may be stored, partially or fully, on amemory device (for example, a computer readable storage medium) of theexecuting computing device, for execution by the computing device. Thecomputer readable program instructions may execute entirely on a user'scomputer (for example, the executing computing device), partly on theuser's computer, as a stand-alone software package, partly on the user'scomputer and partly on a remote computer or entirely on the remotecomputer or server. In the latter scenario, the remote computer may beconnected to the user's computer through any type of network, includinga local area network (LAN) or a wide area network (WAN), or theconnection may be made to an external computer (for example, through theInternet using an Internet Service Provider). In some embodiments,electronic circuitry including, for example, programmable logiccircuitry, field-programmable gate arrays (FPGA), or programmable logicarrays (PLA) may execute the computer readable program instructions byutilizing state information of the computer readable programinstructions to personalize the electronic circuitry, in order toperform aspects of the present disclosure.

Aspects of the present disclosure are described herein with reference toflowchart illustrations and/or block diagrams of methods, apparatus(systems), and computer program products according to embodiments of thedisclosure. It will be understood that each block of the flowchartillustrations and/or block diagrams, and combinations of blocks in theflowchart illustrations and/or block diagrams, can be implemented bycomputer readable program instructions.

These computer readable program instructions may be provided to aprocessor of a general purpose computer, special purpose computer, orother programmable data processing apparatus to produce a machine, suchthat the instructions, which execute via the processor of the computeror other programmable data processing apparatus, create means forimplementing the functions/acts specified in the flowchart and/or blockdiagram block or blocks. These computer readable program instructionsmay also be stored in a computer readable storage medium that can directa computer, a programmable data processing apparatus, and/or otherdevices to function in a particular manner, such that the computerreadable storage medium having instructions stored therein comprises anarticle of manufacture including instructions which implement aspects ofthe function/act specified in the flowchart(s) and/or block diagram(s)block or blocks.

The computer readable program instructions may also be loaded onto acomputer, other programmable data processing apparatus, or other deviceto cause a series of operational steps to be performed on the computer,other programmable apparatus or other device to produce a computerimplemented process, such that the instructions which execute on thecomputer, other programmable apparatus, or other device implement thefunctions/acts specified in the flowchart and/or block diagram block orblocks. For example, the instructions may initially be carried on amagnetic disk or solid state drive of a remote computer. The remotecomputer may load the instructions and/or modules into its dynamicmemory and send the instructions over a telephone, cable, or opticalline using a modem. A modem local to a server computing system mayreceive the data on the telephone/cable/optical line and use a converterdevice including the appropriate circuitry to place the data on a bus.The bus may carry the data to a memory, from which a processor mayretrieve and execute the instructions. The instructions received by thememory may optionally be stored on a storage device (for example, asolid state drive) either before or after execution by the computerprocessor.

The flowchart and block diagrams in the Figures illustrate thearchitecture, functionality, and operation of possible implementationsof systems, methods, and computer program products according to variousembodiments of the present disclosure. In this regard, each block in theflowchart or block diagrams may represent a module, segment, or portionof instructions, which comprises one or more executable instructions forimplementing the specified logical function(s). In some alternativeimplementations, the functions noted in the blocks may occur out of theorder noted in the Figures. For example, two blocks shown in successionmay, in fact, be executed substantially concurrently, or the blocks maysometimes be executed in the reverse order, depending upon thefunctionality involved. In addition, certain blocks may be omitted insome implementations. The methods and processes described herein arealso not limited to any particular sequence, and the blocks or statesrelating thereto can be performed in other sequences that areappropriate.

It will also be noted that each block of the block diagrams and/orflowchart illustration, and combinations of blocks in the block diagramsand/or flowchart illustration, can be implemented by special purposehardware-based systems that perform the specified functions or acts orcarry out combinations of special purpose hardware and computerinstructions. For example, any of the processes, methods, algorithms,elements, blocks, applications, or other functionality (or portions offunctionality) described in the preceding sections may be embodied in,and/or fully or partially automated via, electronic hardware suchapplication-specific processors (for example, application-specificintegrated circuits (ASICs)), programmable processors (for example,field programmable gate arrays (FPGAs)), application-specific circuitry,and/or the like (any of which may also combine custom hard-wired logic,logic circuits, ASICs, FPGAs, etc. with custom programming/execution ofsoftware instructions to accomplish the techniques).

Any of the above-mentioned processors, and/or devices incorporating anyof the above-mentioned processors, may be referred to herein as, forexample, “computers,” “computer devices,” “computing devices,” “hardwarecomputing devices,” “hardware processors,” “processing units,” and/orthe like. Computing devices of the above-embodiments may generally (butnot necessarily) be controlled and/or coordinated by operating systemsoftware, such as Mac OS, iOS, Android, Chrome OS, Windows OS (forexample, Windows XP, Windows Vista, Windows 7, Windows 8, Windows 10,Windows Server, etc.), Windows CE, Unix, Linux, SunOS, Solaris,Blackberry OS, VxWorks, or other suitable operating systems. In otherembodiments, the computing devices may be controlled by a proprietaryoperating system. Conventional operating systems control and schedulecomputer processes for execution, perform memory management, providefile system, networking, I/O services, and provide a user interfacefunctionality, such as a graphical user interface (“GUI”), among otherthings.

For example, FIG. 6 is a block diagram that illustrates a computersystem 600 upon which various embodiments may be implemented. Computersystem 600 includes a bus 602 or other communication mechanism forcommunicating information, and a hardware processor, or multipleprocessors, 604 coupled with bus 602 for processing information.Hardware processor(s) 604 may be, for example, one or more generalpurpose microprocessors.

Computer system 600 also includes a main memory 606, such as a randomaccess memory (RAM), cache and/or other dynamic storage devices, coupledto bus 602 for storing information and instructions to be executed byprocessor 604. Main memory 606 also may be used for storing temporaryvariables or other intermediate information during execution ofinstructions to be executed by processor 604. Such instructions, whenstored in storage media accessible to processor 604, render computersystem 600 into a special-purpose machine that is customized to performthe operations specified in the instructions.

Computer system 600 further includes a read only memory (ROM) 608 orother static storage device coupled to bus 602 for storing staticinformation and instructions for processor 604. A storage device 610,such as a magnetic disk, optical disk, or USB thumb drive (Flash drive),etc., is provided and coupled to bus 602 for storing information andinstructions.

Computer system 600 may be coupled via bus 602 to a display 612, such asa cathode ray tube (CRT) or LCD display (or touch screen), fordisplaying information to a computer user. An input device 614,including alphanumeric and other keys, is coupled to bus 602 forcommunicating information and command selections to processor 604.Another type of user input device is cursor control 616, such as amouse, a trackball, or cursor direction keys for communicating directioninformation and command selections to processor 604 and for controllingcursor movement on display 612. This input device typically has twodegrees of freedom in two axes, a first axis (for example, x) and asecond axis (for example, y), that allows the device to specifypositions in a plane. In some embodiments, the same directioninformation and command selections as cursor control may be implementedvia receiving touches on a touch screen without a cursor.

Computing system 600 may include a user interface module to implement aGUI that may be stored in a mass storage device as computer executableprogram instructions that are executed by the computing device(s).Computer system 600 may further, as described below, implement thetechniques described herein using customized hard-wired logic, one ormore ASICs or FPGAs, firmware and/or program logic which in combinationwith the computer system causes or programs computer system 600 to be aspecial-purpose machine. According to one embodiment, the techniquesherein are performed by computer system 600 in response to processor(s)604 executing one or more sequences of one or more computer readableprogram instructions contained in main memory 606. Such instructions maybe read into main memory 606 from another storage medium, such asstorage device 610. Execution of the sequences of instructions containedin main memory 606 causes processor(s) 604 to perform the process stepsdescribed herein. In alternative embodiments, hard-wired circuitry maybe used in place of or in combination with software instructions.

Various forms of computer readable storage media may be involved incarrying one or more sequences of one or more computer readable programinstructions to processor 604 for execution. For example, theinstructions may initially be carried on a magnetic disk or solid statedrive of a remote computer. The remote computer can load theinstructions into its dynamic memory and send the instructions over atelephone line using a modem. A modem local to computer system 600 canreceive the data on the telephone line and use an infra-red transmitterto convert the data to an infra-red signal. An infra-red detector canreceive the data carried in the infra-red signal and appropriatecircuitry can place the data on bus 602. Bus 602 carries the data tomain memory 606, from which processor 604 retrieves and executes theinstructions. The instructions received by main memory 606 mayoptionally be stored on storage device 610 either before or afterexecution by processor 604.

Computer system 600 also includes a communication interface 618 coupledto bus 602. Communication interface 618 provides a two-way datacommunication coupling to a network link 620 that is connected to alocal network 622. For example, communication interface 618 may be anintegrated services digital network (ISDN) card, cable modem, satellitemodem, or a modem to provide a data communication connection to acorresponding type of telephone line. As another example, communicationinterface 618 may be a local area network (LAN) card to provide a datacommunication connection to a compatible LAN (or WAN component tocommunicated with a WAN). Wireless links may also be implemented. In anysuch implementation, communication interface 618 sends and receiveselectrical, electromagnetic or optical signals that carry digital datastreams representing various types of information.

Network link 620 typically provides data communication through one ormore networks to other data devices. For example, network link 620 mayprovide a connection through local network 622 to a host computer 624 orto data equipment operated by an Internet Service Provider (ISP) 626.ISP 626 in turn provides data communication services through the worldwide packet data communication network now commonly referred to as the“Internet” 628. Local network 622 and Internet 628 both use electrical,electromagnetic or optical signals that carry digital data streams. Thesignals through the various networks and the signals on network link 620and through communication interface 618, which carry the digital data toand from computer system 600, are example forms of transmission media.

Computer system 600 can send messages and receive data, includingprogram code, through the network(s), network link 620 and communicationinterface 618. In the Internet example, a server 630 might transmit arequested code for an application program through Internet 628, ISP 626,local network 622 and communication interface 618.

The received code may be executed by processor 604 as it is received,and/or stored in storage device 610, or other non-volatile storage forlater execution.

As described above, in various embodiments certain functionality may beaccessible by a user through a web-based viewer (such as a web browser),or other suitable software program). In such implementations, the userinterface may be generated by a server computing system and transmittedto a web browser of the user (for example, running on the user'scomputing system). Alternatively, data (for example, user interfacedata) necessary for generating the user interface may be provided by theserver computing system to the browser, where the user interface may begenerated (for example, the user interface data may be executed by abrowser accessing a web service and may be configured to render the userinterfaces based on the user interface data). The user may then interactwith the user interface through the web-browser. User interfaces ofcertain implementations may be accessible through one or more dedicatedsoftware applications. In certain embodiments, one or more of thecomputing devices and/or systems of the disclosure may include mobilecomputing devices, and user interfaces may be accessible through suchmobile computing devices (for example, smartphones and/or tablets).

FIG. 7 is a schematic diagram illustrating a content delivery networkaccording to some embodiments. In some embodiments, a content deliverynetwork may be configured to include a digital advertisement ecosystem(DAE) processing system 702. The DAE processing system can be comprisedof a user handshake system 704, a token management system 706, a headerbidding system 708, a consent management system 710, a tag managementsystem 712, a bid forwarding system 713, an user identity database 714,a token database 716, a bid algorithm database 718, a sync database 720,and/or a filter database 721. The DAE processing system 702 can beconnected to a network 722. The network 722 can be configured to connectthe DAE processing system 702 to one or more user access points 724and/or more external data sources 726.

In some embodiments, the user handshake system 704 may be able toextract user data (for example, behavior, preferences, and so forth)from received information and determine a user identity associated withthat user data (for example, based on a deterministic identifier).Unique user identities and their associated user data that have beencollected over time may be stored in the user identity database 714. Theuser handshake system 704 may also be able to receive a deterministicidentifier, determine if a user identity exists for that deterministicidentifier within the user identity database 714, and retrieve storeduser data tied to that user identity that is stored in the user identitydatabase 714. For instance, the user handshake system 704 may receive afirst deterministic identifier and determine that it matches an existingsecond deterministic identifier stored in the user identity database 714before retrieving any user data that has been indexed to the seconddeterministic identifier within the user identity database 714.

In some embodiments, the token management system 706 may be able togenerate electronic tokens based on user data. The token managementsystem 706 may be capable of encrypting and decrypting the token. Thetoken management system 706 may also keep track of which impressionopportunity corresponds to which token, and also which entities havereceived which tokens. The token management system 706 may store copiesof generated tokens in the token database 716.

In some embodiments, the header bidding system 708 may be able toperform header bidding according to the methods described herein. Theheader bidding system 708 may be configured to send out a plurality ofbid requests to a plurality of entities and receive bid responses fromthe plurality of entities at roughly the same time. In some embodiments,the consent management system 710 may be able to obtain user consentneeded for any of the methods described herein, such as user consent foroff-loading header bidding onto the DAE processing system 702. In someembodiments, there may be a bid algorithm database 718 storing bidalgorithms or defined ad campaigns for various entities, to enable theDAE processing system 702 to bid on their behalf.

In some embodiments, the tag management system 712 may manage trackingtags for sync pixels and site tracking for users, including CDN-ownedmaster-tracking tags. In some embodiments, sync pixels (or any otheruser ID tracking technology) for numerous entities can be stored andhosted in a sync database 720. The tag management system 712 may managemaster-tracking tags and be able to determine which sync pixels storedin the sync database 720 correspond to a particular master-tracking tag.In some embodiments, the tag management system 712 may be able toinitiate the retrieval of one or more of the sync pixels from the syncdatabase 720 based on a particular master-tracking tag.

In some embodiments, the bid forwarding system 713 may manage thedistributions of forwarded bids based on filters defined in the filterdatabase 721. More specifically, each entity could define one or morefilters for bid requests (for example, for impression opportunities)they would like to receive. The bid forwarding system 713 may be able toreceive a bid request and apply the filters in the filter database 721for all the various entities, in order to determine the subset ofentities with filters configured to receive that bid request. The bidforwarding system 713 can then send the bid request to that subset ofentities configured to receive it.

FIG. 8 illustrates a computer system with which certain methodsdiscussed herein may be implemented. The example computer system 802 isin communication with one or more computing systems 820 and/or one ormore data sources 822 via one or more networks 818. While FIG. 8illustrates an embodiment of a computing system 802, it is recognizedthat the functionality provided for in the components and systems ofcomputer system 802 can be combined into fewer components and systems,or further separated into additional components and systems.

The computer system 802 can comprise a digital advertisement ecosystem(DAE) processing system 814 that carries out the functions, methods,acts, and/or processes described herein. The DAE processing system 814may be executed on the computer system 802 by a central processing unit806 discussed further below.

In general the word “system,” as used herein, refers to logic embodiedin hardware or firmware or to a collection of software instructions,having entry and exit points. Systems are written in a program language,such as JAVA, C, or C++, or the like. Software systems can be compiledor linked into an executable program, installed in a dynamic linklibrary, or can be written in an interpreted language such as BASIC,PERL, LAU, PHP or Python and any such languages. Software systems can becalled from other systems or from themselves, and/or can be invoked inresponse to detected events or interruptions. Systems implemented inhardware include connected logic units such as gates and flip-flops,and/or can comprise programmable units, such as programmable gate arraysor processors.

Generally, the systems described herein refer to logical systems thatcan be combined with other systems or divided into sub-systems despitetheir physical organization or storage. The systems are executed by oneor more computing systems, and can be stored on or within any suitablecomputer readable medium, or implemented in-whole or in-part withinspecial designed hardware or firmware. Not all calculations, analysis,and/or optimization require the use of computer systems, though any ofthe above-described methods, calculations, processes, or analyses can befacilitated through the use of computers. Further, in some embodiments,process blocks described herein can be altered, rearranged, combined,and/or omitted.

The computer system 802 includes one or more processing units (CPU) 806,which can comprise a microprocessor. The computer system 802 furtherincludes a physical memory 810, such as random access memory (RAM) fortemporary storage of information, a read only memory (ROM) for permanentstorage of information, and a mass storage device 804, such as a backingstore, hard drive, rotating magnetic disks, solid state disks (SSD),flash memory, phase-change memory (PCM), 3D XPoint memory, diskette, oroptical media storage device. Alternatively, the mass storage device canbe implemented in an array of servers. Typically, the components of thecomputer system 802 are connected to the computer using a standardsbased bus system. The bus system can be implemented using variousprotocols, such as Peripheral Component Interconnect (PCI), MicroChannel, SCSI, Industrial Standard Architecture (ISA) and Extended ISA(EISA) architectures.

The computer system 802 includes one or more input/output (I/O) devicesand interfaces 812, such as a keyboard, mouse, touch pad, and printer.The I/O devices and interfaces 812 can comprise one or more displaydevices, such as a monitor, that allows the visual presentation of datato a user. More particularly, a display device provides for thepresentation of GUIs as application software data, and multi-mediapresentations, for example. The I/O devices and interfaces 812 can alsoprovide a communications interface to various external devices. Thecomputer system 802 can comprise one or more multi-media devices 808,such as speakers, video cards, graphics accelerators, and microphones,for example.

FIG. 8 is a block diagram depicting an embodiment of a computer hardwaresystem configured to run software for implementing one or moreembodiments of a DAE processing system. The computer system 802 can runon a variety of computing devices, such as a server, a Windows server, aStructure Query Language server, a Unix Server, a personal computer, alaptop computer, and so forth. In other embodiments, the computer system802 can run on a cluster computer system, a mainframe computer systemand/or other computing system suitable for controlling and/orcommunicating with large databases, performing high volume transactionprocessing, and generating reports from large databases. The computingsystem 302 is generally controlled and coordinated by operating systemsoftware, such as z/OS, Windows, Linux, UNIX, BSD, PHP, SunOS, Solaris,MacOS, ICloud services or other compatible operating systems, includingproprietary operating systems. Operating systems control and schedulecomputer processes for execution, perform memory management, providefile system, networking, and I/O services, and provide a user interface,such as a graphical user interface (GUI), among other things.

The computer system 802 illustrated in FIG. 8 is coupled to a network818, such as a LAN, WAN, or the Internet via a communication link 816(wired, wireless, or a combination thereof). Network 818 communicateswith various computing devices and/or other electronic devices. Network818 is communicating with one or more computing systems 820 and one ormore data sources 822. The computer system 802 can comprise a featureextraction system 814 can access or can be accessed by computing systems820 and/or data sources 822 through a web-enabled user access point.Connections can be a direct physical connection, a virtual connection,and other connection type. The web-enabled user access point cancomprise a browser system that uses text, graphics, audio, video, andother media to present data and to allow interaction with data via thenetwork 818.

The output system can be implemented as a combination of an all-pointsaddressable display such as a cathode ray tube (CRT), a liquid crystaldisplay (LCD), a plasma display, or other types and/or combinations ofdisplays. The output system can be implemented to communicate with inputdevices and/or interfaces 812 and they also include software with theappropriate interfaces which allow a user to access data through the useof stylized screen elements, such as menus, windows, dialogue boxes,tool bars, and controls (for example, radio buttons, check boxes,sliding scales, and so forth). Furthermore, the output system cancommunicate with a set of input and output devices to receive signalsfrom the user.

The computing system 802 can comprise one or more internal and/orexternal data sources (for example, data sources 822). In someembodiments, one or more of the data repositories and the data sourcesdescribed above can be implemented using a relational database, such asDB2, Sybase, Oracle, CodeBase, and Microsoft® SQL Server as well asother types of databases such as a flat-file database, an entityrelationship database, and object-oriented database, and/or arecord-based database.

The computer system 802 can also access one or more data sources 822.The data sources 822 can be stored in a database or data repository. Thecomputer system 802 can access the one or more data sources 822 througha network 818 or can directly access the database or data repositorythrough I/O devices and interfaces 812. The data repository storing theone or more data sources 822 can reside within the computer system 802.

Many variations and modifications may be made to the above-describedembodiments, the elements of which are to be understood as being amongother acceptable examples. All such modifications and variations areintended to be included herein within the scope of this disclosure. Theforegoing description details certain embodiments. It will beappreciated, however, that no matter how detailed the foregoing appearsin text, the systems and methods can be practiced in many ways. As isalso stated above, it should be noted that the use of particularterminology when describing certain features or aspects of the systemsand methods should not be taken to imply that the terminology is beingre-defined herein to be restricted to including any specificcharacteristics of the features or aspects of the systems and methodswith which that terminology is associated.

Conditional language, such as, among others, “can,” “could,” “might,” or“may,” unless specifically stated otherwise, or otherwise understoodwithin the context as used, is generally intended to convey that certainembodiments include, while other embodiments do not include, certainfeatures, elements, and/or steps. Thus, such conditional language is notgenerally intended to imply that features, elements and/or steps are inany way required for one or more embodiments or that one or moreembodiments necessarily include logic for deciding, with or without userinput or prompting, whether these features, elements and/or steps areincluded or are to be performed in any particular embodiment.

The term “substantially” when used in conjunction with the term“real-time” forms a phrase that will be readily understood by a personof ordinary skill in the art. For example, it is readily understood thatsuch language will include speeds in which no or little delay or waitingis discernible, or where such delay is sufficiently short so as not tobe disruptive, irritating, or otherwise vexing to a user.

Conjunctive language such as the phrase “at least one of X, Y, and Z,”or “at least one of X, Y, or Z,” unless specifically stated otherwise,is to be understood with the context as used in general to convey thatan item, term, etc. may be either X, Y, or Z, or a combination thereof.For example, the term “or” is used in its inclusive sense (and not inits exclusive sense) so that when used, for example, to connect a listof elements, the term “or” means one, some, or all of the elements inthe list. Thus, such conjunctive language is not generally intended toimply that certain embodiments require at least one of X, at least oneof Y, and at least one of Z to each be present.

The term “a” as used herein should be given an inclusive rather thanexclusive interpretation. For example, unless specifically noted, theterm “a” should not be understood to mean “exactly one” or “one and onlyone”; instead, the term “a” means “one or more” or “at least one,”whether used in the claims or elsewhere in the specification andregardless of uses of quantifiers such as “at least one,” “one or more,”or “a plurality” elsewhere in the claims or specification.

The term “comprising” as used herein should be given an inclusive ratherthan exclusive interpretation. For example, a general purpose computercomprising one or more processors should not be interpreted as excludingother computer components, and may possibly include such components asmemory, input/output devices, and/or network interfaces, among others.

While the above detailed description has shown, described, and pointedout novel features as applied to various embodiments, it may beunderstood that various omissions, substitutions, and changes in theform and details of the devices or processes illustrated may be madewithout departing from the spirit of the disclosure. As may berecognized, certain embodiments of the inventions described herein maybe embodied within a form that does not provide all of the features andbenefits set forth herein, as some features may be used or practicedseparately from others. The scope of certain inventions disclosed hereinis indicated by the appended claims rather than by the foregoingdescription. All changes which come within the meaning and range ofequivalency of the claims are to be embraced within their scope.

What is claimed is:
 1. A computing system for a content delivery networkenabling identity escrow and preventing user-based data leakage andcookie-mapping, the computing system comprising: a computer readablestorage medium having program instructions embodied therewith; and oneor more processors configured to execute the program instructions tocause the computer system to perform the processes of: initiatingdelivery of content to a computing system of a user in response to arequest for the content by the computing system of the user; storing afirst deterministic identifier associated with the user, wherein thefirst deterministic identifier comprises a first lexical tokenassociated with at least one type of identifying data for the user;storing user-specific preference information associated with the userbased on the first deterministic identifier associated with the user;receiving, from a publisher, a second deterministic identifier, whereinthe second deterministic identifier comprises a second lexical token,wherein the publisher does not have access to the first deterministicidentifier or the at least one type of identifying data for the user orthe user-specific preference information; determining if the seconddeterministic identifier is associated with the user associated with thefirst deterministic identifier; retrieving the stored user-specificpreference information associated with the user based on a determinationthat the second deterministic identifier and the first deterministicidentifier are both associated with the user; generating an encryptedtoken for identity escrow based on the retrieved user-specificpreference information associated with the user, wherein the generatedencrypted token does not comprise any personally identifiableinformation for the user; determining a level of permission associatedwith one or more of a plurality of demand side platforms to possess asubset of the personally identifiable information for the user, whereinthe subset of the personally identifiable information comprises dataowned by the one or more of the plurality of demand side platforms ordata enabled to be shared to one or more demand side platforms; if atleast one of the plurality of demand side platforms is determined to beassociated with a level of permission to possess the subset of thepersonally identifiable information: retrieving the subset of thepersonally identifiable information for the user that at least one ofthe plurality of demand side platforms is authorized to possess based atleast in part on the determined level of permission associated with theat least one of the plurality of demand side platforms; encrypting thesubset of the personally identifiable information for the user, using anencryption scheme that prevents unauthorized parties from accessing thedata; and adding the encrypted subset of the personally identifiableinformation to the encrypted token; transmitting the encrypted token tothe publisher for submission alongside a bid request to a demand-sideplatform for real-time bidding, wherein the encrypted subset of thepersonally identifiable information of the encrypted token is configuredto be inaccessible to any of the plurality of demand side platformswhich has not be been determined to possess or be authorized to possessthe subset of the personally identifiable information; and delivering tothe computing system of the user the content and an ad impression,wherein the ad impression won the real-time bidding without user-baseddata leakage and without cookie-mapping.
 2. The computing system ofclaim 1, wherein the real-time bidding is processed outside of a headerof a browser of the computing system of the user.
 3. The computingsystem of claim 1, wherein the real-time bidding is processed within aheader of a browser of the computing system of the user.
 4. Thecomputing system of claim 1, wherein the computing system is a proxyserver of the content delivery network.
 5. The computing system of claim1, wherein the user-specific preference information comprises marketsegment membership information associated with the user.
 6. Thecomputing system of claim 1, wherein the user-specific preferenceinformation comprises purchasing preferences associated with the user.7. The computing system of claim 1, wherein the first deterministicidentifier is an email address for the user.
 8. The computing system ofclaim 1, wherein the second deterministic identifier received from thepublisher is associated with an impression opportunity offered by thepublisher.
 9. The computing system of claim 1, wherein the programinstructions when executed further cause the system to perform the stepof transmitting the encrypted token to a supply-side platform.
 10. Thecomputing system of claim 1, wherein the program instructions whenexecuted further cause the system to perform the steps of: receiving,from the demand-side platform, a request for the user-specificpreference information associated with the user that is included in theencrypted token; and providing the demand-side platform theuser-specific preference information associated with the user bydecrypting the encrypted token.
 11. The computing system of claim 1,wherein the program instructions when executed further cause the systemto perform the steps of: receiving, from the demand-side platform, arequest for the user-specific preference information associated with theuser that is included in the encrypted token; and providing thedemand-side platform the stored user-specific preference informationassociated with the user.
 12. A computer-implemented method for enablingidentity escrow and preventing user-based data leakage andcookie-mapping, the method comprising: initiating delivery of content toa computing system of a user in response to a request for the content bythe computing system of the user; storing a first deterministicidentifier associated with the user, wherein the first deterministicidentifier comprises a first lexical token associated with at least onetype of identifying data for the user; storing user-specific preferenceinformation associated with the user based on the first deterministicidentifier associated with the user; receiving, from a publisher, asecond deterministic identifier, wherein the second deterministicidentifier comprises a second lexical token, wherein the publisher doesnot have access to the first deterministic identifier or the at leastone type of identifying data for the user or the user-specificpreference information; determining if the second deterministicidentifier is associated with the user associated with the firstdeterministic identifier; retrieving the stored user-specific preferenceinformation associated with the user based on a determination that thesecond deterministic identifier and the first deterministic identifierare both associated with the user; generating an encrypted token basedon the retrieved user-specific preference information associated withthe user, wherein the generated encrypted token does not comprise anypersonally identifiable information for the user; determining a level ofpermission associated with one or more of a plurality of demand sideplatforms to possess a subset of the personally identifiable informationfor the user, wherein the subset of the personally identifiableinformation comprises data owned by the one or more of the plurality ofdemand side platforms or data enabled to be shared to one or more demandside platforms; if at least one of the plurality of demand sideplatforms is determined to be associated with a level of permission topossess the subset of the personally identifiable information:retrieving the subset of the personally identifiable information for theuser that at least one of the plurality of demand side platforms isauthorized to possess based at least in part on the determined level ofpermission associated with the at least one of the plurality of demandside platforms; encrypting the subset of the personally identifiableinformation for the user, using an encryption scheme that preventsunauthorized parties from accessing the data; and adding the encryptedsubset of the personally identifiable information to the encryptedtoken; transmitting the encrypted token to the publisher for submissionalongside a bid request to a demand-side platform for real-time bidding,wherein the encrypted subset of the personally identifiable informationof the encrypted token is configured to be inaccessible to any of theplurality of demand side platforms which has not be been determined topossess or be authorized to possess the subset of the personallyidentifiable information; and delivering to the computing system of theuser the content and an ad impression, wherein the ad impression won thereal-time bidding without user-based data leakage and withoutcookie-mapping.
 13. The method of claim 12, wherein the real-timebidding is processed outside of a header of a browser of the computingsystem of the user.
 14. The method of claim 12, wherein theuser-specific preference information comprises market segment membershipinformation associated with the user.
 15. The method of claim 12,wherein the user-specific preference information comprises purchasingpreferences associated with the user.
 16. The method of claim 12,wherein the first deterministic identifier is an email address for theuser.
 17. The computing system of claim 12, wherein the seconddeterministic identifier received from the publisher is associated withan impression opportunity offered by the publisher.
 18. Non-transitorycomputer readable storage media storing instructions that, when executedby one or more processors, cause the one or more processors to enableidentity escrow and prevent user-based data leakage and cookie-mappingby performing the steps of: initiating delivery of content to acomputing system of a user in response to a request for the content bythe computing system of the user; storing a first deterministicidentifier associated with the user, wherein the first deterministicidentifier comprises a first lexical token associated with at least onetype of identifying data for the user; storing user-specific preferenceinformation associated with the user based on the first deterministicidentifier associated with the user; receiving, from a publisher, asecond deterministic identifier, wherein the second deterministicidentifier comprises a second lexical token, wherein the publisher doesnot have access to the first deterministic identifier or the at leastone type of identifying data for the user or the user-specificpreference information; determining if the second deterministicidentifier is associated with the user associated with the firstdeterministic identifier; retrieving the stored user-specific preferenceinformation associated with the user based on a determination that thesecond deterministic identifier and the first deterministic identifierare both associated with the user; generating an encrypted token basedon the retrieved user-specific preference information associated withthe user, wherein the generated encrypted token does not comprise anypersonally identifiable information for the user; determining a level ofpermission associated with one or more of a plurality of demand sideplatforms to possess a subset of the personally identifiable informationfor the user; if at least one of the plurality of demand side platformsis determined to be associated with a level of permission to possess thesubset of the personally identifiable information: retrieving the subsetof the personally identifiable information for the user that at leastone of the plurality of demand side platforms is authorized to possessbased at least in part on the determined level of permission associatedwith the at least one of the plurality of demand side platforms, whereinthe at least one of the plurality of demand side platforms is authorizedto access the subset of the personally identifiable information;encrypting the subset of the personally identifiable information for theuser, using an encryption scheme that prevents unauthorized parties fromaccessing the data; and adding the encrypted subset of the personallyidentifiable information to the encrypted token; transmitting theencrypted token to the publisher for submission alongside a bid requestto a demand-side platform for real-time bidding, wherein the encryptedsubset of the personally identifiable information of the encrypted tokenis configured to be inaccessible to any of the plurality of demand sideplatforms which has not be been determined to possess or be authorizedto possess the subset of the personally identifiable information; anddelivering to the computing system of the user the content and an adimpression, wherein the ad impression won the real-time bidding withoutuser-based data leakage and without cookie-mapping.
 19. Thenon-transitory computer readable storage media of claim 18, wherein thereal-time bidding is processed outside of a header of a browser of thecomputing system of the user.
 20. The non-transitory computer readablestorage media of claim 18, wherein the user-specific preferenceinformation comprises market segment membership information associatedwith the user.